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SOTAS: Rightsizing for maintrame calibre solutions. 


A lot of businesses today are feeling 
a little boxed in by their mainframe 
operations ... especially where there is a 
more powerful solution available in a 
much smaller, less expensive, and more 
agile configuration. To help you maximize 
the potential of the best of the midrange 
computers, SOTAS International, Inc. 
offers a complete suite of accounting and 
human resources applications. 

SOTAS’ feature/function rich 
applications for UNIX and proprietary 
platforms include General Ledger, 
Accounts Payable, Accounts Receivable, 
Purchase Order and Receiving, Inventory 


Management, Fixed Assets and Property 
Control Management, Payroll, Human 
Resources, Applicant Recruitment 
Tracking, and COBRA Management. They 
assure up-to-the-minute reporting, data 
security and integrity, multinational 
features, system wide ad hoc reporting, 
and superior cash management, all 
delivered through a simple, non-technical 
working environment. And they’re backed 
by SOTAS’ Professional Services— 
programming, evaluation, training, 
migration assistance, and consulting that ~ 
guarantee your applications perform 
precisely the way you want them to. 


Call (508) 372-0770, and discover 
the perfect fit for your business needs— 
the leading edge midrange technology, 
and the proven strength of SOTAS 
International. 


The right size for your business. 


192 Merrimack St., Haverhill, MA 01830. Tel: 508-372-0770 Fax: 508-374-4382 London/Paris: 1-380 0288 Netherlands: 155 69284 
Scandinavia: 4295 8600 Mexico: 5-202 0502 Sydney: 2-954 9011 Hong Kong: 811 0972 Singapore: 355 0794 
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MOUSE-TRAK is designed to 
eliminate wasteful and tiring 
arm and wrist movements. 
Fingertip control of the 
trackball and input keys, 


on your desk. 
Our Materials Matter, Too and an elevated hand support _ For All Major Platforms Lose Your Mouse and Increase 
We only use the best to build —_ helps you avoid repetitive We offer models for all high Productivity If you are a 
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SPECMA Gothenburg, Sweden Tel: 031 89 16 00 © Aurora Systems, Inc. Seoul, Republic of Korea Tel: 718-4985 PHASELYS Rosny Sous Bois, France Tel: 48.94.8485 

MOUSE-TRAK is manufactured in the U.S.A. by ITAC Systems, Inc., 3121 Benton Street, Garland, Texas 75042 Tel: 214/494-3073 Fax: 214/494-4159 Patented by ITAC Systems, Inc. 
MOUSE-TRAK is a registered trademark of ITAC Systems, Inc. Other brand and product names are trademarks Of their respective holders. 
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HP/Apollo Martech 
Memory Megamemories 


>, _Megamemories™ are 100% HP/Apollo compatible. 
4\ They're made from high-quality components, backed 
by a lifetime warranty, and even come with a 90-day 
money-back guarantee. If you're ready to 
save thousands on memory, call or write: Martech, 
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WELCOME TO THE premier issue of hp-ux/usr, the INTEREX publication for HP-UX 
users. Why yet another UNIX magazine? you will ask. Although the INTEREX Board 
of Directors and the Publications Department must consider many issues when a new 
magazine is launched, two main reasons underlie the creation of hp-ux/usr. 

For the last two years Interact magazine has carried articles on both MPE and HP- 
UX. The mix has varied from month to month, but reader surveys and feedback from 
members have indicated a strong desire to see separate publications for the operating 
systems. Users in 3000 shops don’t want to plough through the HP-UX material and 
HP-UX readers have little use for the MPE articles. 

The second impetus for launching hp-wx/usr is the sheer growth of HP-UX. Hewlett- 
Packard is continually expanding and upgrading its HP-UX products. The company 
is moving aggressively to widen its role in the “business UNIX” market; at the same time, 
sales of 9000 workstations in technical and manufacturing markets continue to in- 
crease. IN TEREX reflects this growing HP-UX constituency: membership in the HP- 
UX category is up almost 50 percent over last year. The INTEREX board and staff felt 
that a new, HP-UX-specific magazine best served the burgeoning HP-UX member- 
ship and marketplace. 

hp-ux/usr is the only magazine dedicated exclusively to the HP-UX user. Its raison 
d’étre is to provide hands-on solutions to readers’ day-to-day hardware, software, and 
operating system concerns. ‘The publication examines big-picture issues such as systems 
integration, networks, and distributed computing, and takes a close-up look at solu- 
tions to specific problems. hp-ux/usr provides readers with a level of detail sufficient 
to make the material useful on the job. 

The magazine serves readers at all levels of expertise, from the novice floundering 
in a sea of complicated commands and arcane procedures, to the systems administra- 
tor grappling with a huge network embracing hundreds of users. Our writers are ex- 
perienced HP-UX users, and technical experts from Hewlett-Packard. The overriding 
criterion for selecting articles is their excellence in both content and presentation. 

As a practical matter, HP-UX-specific columns in Interact move to hp-ux/usr with 
this opening issue. New products specifically for the UNIX/HP-UX markets will be fea- 
tured in hp-ux/usr and will not run in Interact. hp-ux/usr is planned as a bimonthly, 48 
to 64-page magazine. Three fine articles and a full complement of columns have pushed 
this first issue to nearly twice the normal length! 

I want to hear from you. Let me have your comments and suggestions about /p- 
ux/usr. Do you have a question?—Send it in for Q&A. Do you have a hot tip?—Write 
it down and submit it to Users’ Forum. Do you wish to write an article or a review?>— 
Call me to discuss it. hp-wx/usr is for users, and its success depends, in large part, on the 
participation of its readers. 


Michael Ehrhardt, Editor, hp-ux/usr hp-ux/usr 

Phone: (408) 747-0227 INTEREX 

Fax: (408) 747-0947 1192 Borregas Avenue 
E-mail: ehrhardt@interex.uucp Sunnyvale, CA 94089 
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Lets your UNIX system 
— actasa : 
eo server!! 


e NetWare 2.2 and 3.11 server emulation e 16, 32 ,64, 100 and 250 concurrent user 
: versions available 


e Ethernet Il and 802.3 packet types 


supported e Now available for SPARC, HP 9000, and 
Silicon Graphics platforms. (SCO and 

e Direct access to UNIX file system and ) other platforms available in near future.) 
print resources by PC clients: UNIX 
users can access NetWare print e DOS terminal emulator included for host 
resources access using IPX protocol | 

e Open Windows and Motif interfaces e 16MB of memory recommended 
supported; SunView command line | 
support. e No UNIX kernel reconfiguration or disk 


partitioning required 
e Low UNIX CPU overhead 


SoftNet and SoftNet Utilities are trademarks of Puzzle Systems Corporation. All other trademarks are trademarks of their respective companies. 


POZZLE SYSTEMS | 16360 Monterey Road, Ste. fice , | 


CORPORATION - Morgan Hill, CA 95037 U.S.A. 
Phone: (408) 779-9909 
The (nnavation Company FAX: (408) 779-5058 


\ BBS: (408) 779-8297 
: email:jal@puzzle.com 
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New Orleans 1992 
INTEREX Conference 

Sig UNIX met on Wednesday, August 
26th, 1992 following a full day of UNIX- 
related papers and presentations at the 
annual INTEREX North American 
Conference. A small but enthusiastic 
group of 29 individuals attended. 

The first order of business was the 
election of officers to serve until the 1993 
Annual Convention. Elected chairman 
for a fourth term was R. Arthur Gentry 
of Gentry and Associates. Denny Allain 
of E Systems was elected vice chairman, 
and John Rasins of Graham and James, 
Secretary. Congratulations to all the new 
and returning officers! 

Next was a brief report from the chair- 
man on activities directly involving the 
group during the past year. It was reported 
that due to restructuring within IN- 
TEREX, SigUNIX no longer had con- 
trol of SIC/HP-UX, CSL/HP-UX or the 
UNIX portion of the annual conference. 
Also, due to new SIG rules, this is the last 
year that the current chairman will be al- 
lowed to serve in that capacity. The new 
chairman will be appointed by the SIG 
Steering Committee rather than being 
elected by the membership. 

Efforts relating to the establishment 
of comp.org.interex on the internet were 
reported and discussion revolved around 
soliciting assistance in getting future at- 
tempts passed by the usenet community. 
Another attempt at establishment will be 
made this spring. All INTEREX mem- 
bers are encouraged to support the vote 
for comp.org.interex when it is presented 
to the net. The chairman reported that 
the last attempt did not fail because of 
negative response, but rather because of 
lack of response to the vote request. Per 
net rules, a minimum of 100 individuals 
must respond to the call for votes for the 


vote to be considered valid; a simple ma- 
jority is all that is required for group es- 
tablishment. The members present all 
agreed that this would be a good vehicle 
for keeping members apprised of activities 
in a timely manner. 

Also discussed was the creation of at 
least a dotted-line relationship with 
InterWorks, the HP Workstation Users 
Group, as those members are also heavy 
users of HP-UX and Domain. The chair- 
man committed to investigating a possi- 
ble working relationship with the group to 
share ideas and information. 

Next was a report from Paul Gerwitz, 
the CSL/HP-UX Chairman. He report- 
ed on the number of contributions in the 
library to date, the significant help we 
have received from HP Labs, and the cre- 
ation of an M.O. disk that has all of the re- 
leases of the CSL/HP-UX on it. Details 
of that report can be found elsewhere in 
this magazine in the CSL Department. 
Thanks for all your hard work Paul! 

Jim Sadler reported on recent activi- 
ties of the SIC/HP-UX, including a re- 
cent survey of concerns and enhancement 
requests. Results of that survey can be 
found in previous issue of InterexPRESS. 
SigUNIX also extends its heartfelt thanks 
to Jim for the work he has done on be- 


half of the group. 


R. Arthur Gentry, Chairman, 
SigUNIX 
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Your Problem: 


High capacity, reliable backup for HP 1000. 3000 & 9000s 
designed to save you time, money and space 


Unattended backup 

* Low cost storage 

* High capacity 

* Compatible with HP 1000, 3000, & 9000s 
SCSI or HP-IB interface 
LCDs for status information 
On-site service throughout the 
United States 


Now available 
with data | 
compression! 


One Source, Many Solutions 
IEM is the manufacturer of the largest line of HP third-party peripherals. 


Corporate Headquarters IEM Europe 


IEM, Inc. ¢ P.O. Box 1889 é t i ¥ | Colorado House 


Fort Collins, CO 80522 USA =i = = Cromwell Park, Banbury Road 


(1) 303-221-3005 + Fax: (1) 303-221-1909 | eave Chipping Norton, Oxfordshire OX7 5SR 


Toll-free (U.S. and Canada): 800-321-4671 (44) 0608 645000 « Fax: (44) 0608 645155 


For information about IEM representatives outside the United States, please contact IEM. 
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Q: | have several patches (about 20) that I need to install and they are all in the /tmp di- 
rectory as *.updt files. Is there some automatic way to update everything? 

A: The method is to load all the patches onto your system using updist, and then run 
update to select all the patches you want. This avoids having to reboot multiple times 
since update will perform all the required tasks (updating libraries, files, etc.) and then 
reboot at the end of all the tasks. 

A Network Server may be used to update itself with patches. First read the instruc- 
tions in the Installing and Updating HP-UX manual on “Setting Up a Network Server 
to Update HP-UX.” 

Now run updist in a loop to load all the patches into the netdist directory (/netdist 
by default). 

Also, it is possible to do all of the ‘updist’s at once if you use a find command with 
the -exec option or a shell loop to run updist in non-interactive mode. 

For example, mkdir /netdist 


for files in *.updt 
do 

updist -s ‘pwd’ /$file '*' 
done 


Note that the ‘~pwd’ is there, since the full path to the file is necessary; otherwise, up- 
dist will consider the file to be a remote server name. 

Once you have run /etc/updist on all the desired patches, you can now run update 
once, changing “Source or Destination” to “From Netdist Server to Local System ...”. 
Next enter the local system name in the “Netdist Server (source):”; then highlight 
“Select/View Partitions and Filesets ...” and select the desired patches and run update 
normally. 

Once update has completed, regen will be run and the system will be reboot- 
ed. You should then move all the PHKL_ xxx.text files in to the /system/ 
PHKL_xxxx directories. You may now remove all the PHKL” files from the 
/tmp/directory. 

This technique also has an advantage in that this computer can now provide patch- 
es to all other similar machines on the network. 


Q: When bootup (or /etc/dmesg) reports real memory, lockable mem and avail mem, oc- 
casionally avail mem goes close to zero. This is usually caused by having nproc set ex- 
tremely high, such as nproc=9000. 
A: When configuring large systems, you might occasionally scale-up system para- 
meters to unusable extremes, in the case that system resources come into high de- 
mand. The unfortunate side-effect of this is that doing so increases the kernel’s use of 
memory for unneeded tasks, preventing the use of kernel memory for other, necessary 
tasks. 

One example of this is a situation in which the system will not allow any process to 
lock memory, because it has reserved too much space for non-lockable memory. ‘This 
can be seen at boot time, with the messages: 


IAL Ust 


NBSPOOL 


NBSPOOL 
FOR UNIX... 


IV’S ABOUT 
TIME 


DS sapitite management for UNIX just got easier! 
NBSpool for UNIX gives operators and end users a 
simple yet powerful way of managing output and 
spooled devices. With NBSpool, the UNIX spooler can easily meet 


the heavy demands of commercial UNIX applications. 


Capabilities Include: On-Line Report Viewing * Automatic Forms 
Alignment & Management ¢ Easily Re-Order Printing Priority ¢ 
Robust Subset Selection Criteria with Wild Cards ¢ Restarting a 
Report at a Specific Page © Quickly Recover from Paper 
Jams ¢ Print to Slave Printers ¢ Automatically Archive 
Reports to Disc or Tape for Long Term Storage ¢ Easy to 


use Command Syntax and On-Line Help. 


For network users, NBSpool for UNIX lets you move output to 
printers connected to other systems such as the HP 3000 and 
DEC/VAX, or PC LAN's like AppleTalk, NetWare and LanManager. 


NBSpool for UNIX has been designed to simplify and streamline all 


your spooling needs. As companies and organizations 
grow, NBSpool for UNIX offers options for expanding 
data processing needs . previously unavailable. 


FOR ADDITIONAL INFORMATION OR A DEMONSTRATION TAPE CONTACT: 


BNGSGSes 5 


Quest Software, Inc. 610 Newport Center Drive, Suite 890, 
Newport Beach, CA 92660 Phone: 714-720-1434 Fax: 714-720-0426 


In Europe Contact: 
System Software (Int.) UK (44) 0905 794646 
ORBiT (33) 4025 1650 France ¢ (49) 30 852 70 97 Germany ONC/NFS 
(31) 2979 11468 (Benelux) B.V. © (34) 3 280 32 54 Spain 
(45) 42 335959 (Scandinavia) AB 
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question and answer 


real mem = RRRR 
lockable mem = LLLL 
avail mem = AAAA 


= “rel mem” is the total amount of physical memory in use by the 
system. Unless you have imposed hardware restrictions on sys- 
tem memory, this should be all of the memory installed. The 
number is in bytes. 

# “lockable mem” is the amount of memory which the system will 
allow processes (including the kernel) to “lock”. When a process 
attempts to lock memory (see plock(2)), it is requesting that 
the OS keep this physical memory associated only with this 
process. 

This is to keep a critical process from having to give up its 
physical memory and then wait for the VM system to page or 
swap in pages when they are needed. Asa rule, you do not want 
all of your memory to be lockable, because this could defeat the 
VM system — if processes locked most of memory, then other 
processes would not have any memory to run. 

# “avail mem” is the amount of memory available for user process- 
es to use. This is the difference between “rel mem” and the 
amount used by the kernel itself. 

In this message, if “lockable mem = 0”, this means that the sys- 
tem has reserved all memory as un-lockable, and that if a process 
wishes to lock some of its memory, the locking request will be de- 
nied. There are two ways to arrive at this situation. 

1- Setting the “unlockable_mem” parameter too high in the 
gen file. Note that this value is specified in pages, so multiply 
by 2k or 4k, depending on your machine, to find how much you 
are specifying. (See System Admin Tasks, appendix A) 

2- Using the default of “unlockable_mem” as 0 (or less), and set- 
ting nproc (number of processes allowed on the system) very high. 

‘This second scenario is not well documented, and will result 
in the system making the following calculation at boot time: 


unlockable_mem = 100 + (UPAGES/2) * nproc; 


The system is trying to figure out how much memory would 
be required to keep half of the process-management areas 
(u_areas) in memory at all times, when all of nproc processes 
are in use. 

In 8.0, with 2k pages, UPAGES/2 is 2, so that’s “100 + 2 * 
nproc” pages of unlockable_mem. If an unknowing user sets 
nproc to 10k, unlockable_mem will be set to 100+20k, or rough- 
ly 40MB. On a system with 48 MB of physical memory, this will 
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allow little, if any, memory to be lockable. 

The moral of all this is that if you have a system with process- 
es failing because there is no memory to lock, and unlock- 
able_mem is set to 0, then you should check to see that nproc is 
something reasonable. 


Q: How do | view results of customized SAM scripts? 
A: Users can write their own customization scripts for SAM to 
execute automatically before or after certain tasks such as adding 
a new user. However, when SAM runs the script, there is no 
output from the script shown to the user. 

SAM actually saves this output into a file called: /tmp/cus- 
tom.log and it will contain the text from SAM’s acitivity as well 
as any output from the user’s script. It is overlaid by each run of 


SAM, rather than being appended. 


Q: Changing a remote printer to JetDirect does not work. 

A: The install script is smart enough to recognize that an exist- 
ing printer is being changed to JetDirect. However, the script sim- 
ply adds the JetDirect model to the /usr/spool/Ip/interface 
directory and moves the existing model script to the subdirectory: 


/usr/spool/lp/interface/model.orig 


with the same name as the printer. If the printer was previous- 
ly a local printer (i.e., RS-232 or parallel), then the conversion 
will go without a problem. However, a remote printer, located 
on another host system, will have a special model script in the in- 
terface directory and the resultant conversion will not work. 

Here is a diagram of how the JetDirect scripts work (the print- 
er is named jet1) 
/usr/spool/lp/interface/ jet’ (JetDirect-specific script) 
/usr/spool/lp/interface/model.orig/jet1 

(a model script called by 
the jet1 script in the parent directory) 


‘To fix the problem, use Ipadmin (-x option) to remove the 
remote printer completely. If the JetDirect conversion has al- 
ready been done, remove the file stored in /usr/spool/Ip/inter- 
face/model.orig, which has the same name as the remote printer. 
Verify that the remote printer has been removed with Ipstat -v. 

Now add the JetDirect printer/plotter using /usr/lib/hpnp/hp- 
npcfg and choose the Add peripheral to spooler option. The 
above problem does not affect BOOTP configuration. 


Aust 


We're HP experts. 


For more than 16 years, we’ve been designing our 
World Class Series Accounting, Payroll and Human Resource 
systems to support all of HP’s commercial platforms. 

We cut our teeth on Classic. Then introduced the first 
accounting and human resource package for HP’s RISC-based 
architecture in native mode under MPE/XL.. 

Today, our software is completely portable across 


HP-UX and MPE/iX operating systems, and available on 


Why Should You Choose Collier-Jackson’s 
World Class Series™ Accounting, 
Payroll And Human Resource Software? 


client/server architecture. There are other advantages, too. 
For starters, our powerful systems offer unparalleled 
performance and robust feature/functionality. They’ re fast, 
intuitive and easy to learn. We even give you the ability to 
use popular user interfaces like Microsoft’s Windows and 
OSF/Motif. 

So, if you’re looking for a total accounting, personnel 
and payroll solution for your company, talk to the vendor 
that understands your HP hardware. Inside and out. 

To find out more about Collier-Jackson’s World Class 


Series software, call 813-872-9990 today. 


CompuServe 


Collie-Jackson 


World Class Series is a trademark of CompuServe/Collier-Jackson. All other 
product names mentioned herein are for identification purposes only and may be 
trademarks and/or registered trademarks of their respective companies. 
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question and answer 


Q: After installing the JetDirect card in my printer, the error mes- 
sage 43 OPT INTERFACE is displayed and | cannot print to the 
printer. 

A: The JetDirect card (models C2071S and C2071T) does not 
have permament storage of its configuration and requires a 
BOOTP server to download the IP address, subnet mask, and 
other configuration data. If the LAN cable is disconnected while 
powering up the printer, or the BOOTP server is offline or not 
configured, the 43 error will be displayed. 

‘To verify the problem, you can press Continue on the front 
panel of the LaserJet and the printer will go online, displaying 
READY. By pressing the STATUS button on the JetDirect card 
(in the back), a status sheet will be printed, and if the IP address 
is still 0.0.0.0, then the card has not been loaded by the BOOTP 
server. 

Refer to the JetDirect Administrator’s Guide (p/n C2850-90001), 
chapter 2, for setting up and verifying a BOOTP server. 


Q: How do | browse man pages in HP-UX? 

A: It would be nice to browse through man pages using a facil- 
ity like vi to locate keywords and jump back and forth. The fol- 
lowing script will do this: 


#! /bin/sh 
TMP=/usr/tmp/.myman$$ 
rm -rf $TMP 
man $1 | col -b | unexpand -a > $TMP 
if C -s $TMP J 
then 
vi $TMP 
fi 
rm -rf S$TMP 


Save this script in /usr/local/bin or /usr/contrib/bin as ap- 
propriate and change the permission to 755 so everyone can ac- 
cess the script. Io read a man page with vi, type: 


viman fsck 

for example, and the fsck man page will be passed to the vi editor. 
Q: Can | use a non-Ip spooler with the new LaserROM program? 
A: Beginning with the new LaserROM-II program called Irom 


(version B.00.00), the list of printers is easily customized for ap- 
plications such as OpenSpool as well as non-HP spooling systems. 
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Normally, lrom will call the command Ipstat -v for a list of 
printers in the current system. This list is processed through a 
simple script that extracts just the name of the printer. ‘To make 
this task easily customizable, a script called /usr/lrom/prnlist.gen 
is provided for the system administrator to modify according to 
local needs. The script contains the line: 


lpstat -v | awk -F: '{ print $1 }' | awk '{ print $3 }' 


which produces 1-line output of just the printer names. For ex- 
ample, if Ipstat -v produces: 


device for hp2564b: /dev/lp0 
device for lj2k_a: /dev/null 
device for lj2_c: /dev/null 
device for lj_e: /dev/null 
device for lj_k: /dev/null 


then the script produces: 


hp2564b 
Lj2k_a 
Lj2_c 
lj_e 
Lj_k 


For non-standard spoolers such as OpenSpool or non- HP-UX 
spooling systems, change the script prnlist.gen. This script must 
be readable by lrom in the current environment. [f it is missing 
or unreadable, lrom will use a built-in copy of the default script, 
which is stored in the program. 

The script is read-only at the beginning of the lrom program 
so changes to the script will take effect after Irom is stopped and 
then restarted. 


Bill Hassell, HP-UX System Support at the HP Response Center in 
Atlanta, Georgia, supplies hp-ux/usr with the Center’s “most often 
asked” questions. 


9000 Workstation 

Q: 1 currently have a ScanJet IIC for my PC. Can I use it on my 
HP 9000 Series 700, Model 750 ? 

A: There will be a SCSI 2 upgrade path for existing PC-based 
scanners that would like to move to a Series 700 HP-UX work- 
station. This upgrade will be made available for all customers 
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and dealers using or supporting a ScanJet 
IIC on a PC. A one-time charge to the 
customer will ensure a rapid one-day 
turnaround with a retro-fitted SCSI I 
scanner unit. 

‘To upgrade your SCSI I compatible 
scanner call: Hewlett-Packard Corvallis 
Telemarketing, (503)750-3105. 

You will receive an upgrade price 
quote and instructions over the phone. 
DeskScan-UX is an HP-UX software 
product that will enable the HP ScanJet 
Ic desktop color scanner on configured 
Series 700 workstation platforms. 

DeskScan-UX supports TIFF, JFIF, 
GIF, XBM, XPM, XWD, and BMF file 
types. Printing is supported on PCL de- 
vices in PCL3+ and PCLS formats, using 
the HP SharedPrint (Hardcopy) prod- 
uct. 

DeskScan-UX is supported on HP- 
UX IF3 8.07 OS or later versions. X 
Window System (Version 11 Release 4) 
includes MOTIF V1.1, included with 
HP-UX 8.07 or greater. 

You can either purchase the scanner 
bundle (which includes a ScanJet IIc), 
product number C1788A or the Interface 
Kit only (excludes ScanJet IIc), product 
number A2229A 0 


Kaushik Mehta of the Hewlett-Packard 
Response Center in Atlanta, Georgia, 
answers workstation questions. 
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QUALITY HP 
EQUIPMENT WITHOUT 
THE HP PRICE 


DON’T UPGRADE YOUR HP SYSTEM UNTIL 

YOU GET A SECOND OPINION FROM THE 

SECOND SOURCE FOR HEWLETT-PACKARD 
1000-3000-9000 EQUIPMENT 


Consult with us about cost-saving alternatives 


¢ Complete Configurations 
e@ Individual CPUs-Peripherals 
® Memory Upgrades and Feature Enhancements 
e Classic and Spectrum Equipment 
WE BUY 
Highest Prices Paid 


WE SELL 
“All Items Sold Are Guaranteed for HP Maintenance 
*Short and Long Term Leases Available 


WE TRADE 
Over 1000 satisfied Hewlett-Packard users are our 
customer references throughout the 
United States, Canada, Europe, and the Far East. 


C.S.U. Industries, Inc. 


207 Rockaway Turnpike, Lawrence, NY 11559 
(516) lal 4310 Bans Behe 239-8374 


Ask for Mordi: 
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INTEREX 
on InterNet 


INTEREX has established connections to InterNet, allowing for fast 
and easy E-mail exchange between INTEREX and its membership. 
In addition, INTEREX is carrying the complete “comp” news 
hierarchy of NewsNet and will be posting items of interest to 
Hewlett-Packard computer users in “comp.sys.hp”. 

To send mail to INTEREX, use one of the following formats. Please 
check with your local system administrator to see which is valid for 


your particular site: 


(name) %interex Yodaver.uucp@uunet.uu.net 
example = sullivan %interex Yodaver.uucp@uunet.uu.net. 


The following IDs are currently active on INTEREX’s HP 9000: 


ID DEPARTMENT 
postmaster InterNet support 

cslhpux CSL/HP-UX support 
clsmpe CSL/MPE support 
membership | Membership Services 
finance Finance 

pubs Publications 

gerwitz CSL/HP-UX contributions 


conference Conference arrangements 


The International Association of Hewlett-Packard Computer Users 


a 


NAME 

John Sullivan 

Paul Gerwitz 

John Sullivan 

Ruby Turner/ Johanna Seele 
Ron Padilla 

Dick Rasmusson 

Paul Gerwitz 

Kathy Herzog 
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PUY Systems administration 


HELLO AND WELCOME to the new HP-UX 
specific publication and the Systems 
Administration Column. My name is 
Chris Curtin and I am a Senior Software 
Engineer for Bradley Ward Systems, Inc. 
in Atlanta, Georgia. I am also the Systems 
Administrator for the company. 

I have written the HP-UX Systems 
Administration column for Interact for the 
past year and a half, and I am excited about 
having a more focused audience on HP- 
UX instead of being often the ONLY 
HP-UX specific piece in the magazine. 

I have been the “official” Systems 
Administrator at BWI for about four 
months. Unofficially I had been per- 
forming the job for almost two years. I 
administer a LAN consisting of an HP 
9000/827, currently running HP-UX 
8.02; an HP 9000/835, currently running 
HP-UX 7.00; an HP 9000/720 running 
HP-UX 8.07; ten 700 R/X X terminals 
and a couple of PCs and a Macintosh. 

Unfortunately I do not have access to 
any 300 or 400 systems. All of my columns 
will be about HP-UX in general and 
should also apply to the 300 and 400 sys- 
tems. I clearly mark anything that is hard- 
ware specific. 

As a company, BWI develops process 
supervisory and control software for fac- 
tory automation and statistical weight con- 
trol on HP-UX. We make extensive use 
of the X Windowing System, the HP-UX 
“real-time” priorities, C and C++ com- 
pilers and networking features. Our con- 
stant stressing of HP-UX allows me to 
detect problems, suggest performance im- 
provements and use new features daily. 
Anything that I learn I pass on to you 
through this column. 

I would also like feedback from you, 
the reader, on this column. As systems ad- 
muinistrator, once things settle down and 
start to work correctly, there is very little 


that you must do to keep the system run- 
ning day to day. Daily backups and simple 
maintenance are all that is needed. My 
systems now are fairly stable so I have very 
little to do as systems administrator (as a 
software engineer, that is a different story!). 
What I would like from you is ideas for 
future columns and feedback on my writ- 
ing: Are the columns too basic? too com- 
plex? are they boring? I would like to know 
so that I can better address your needs and 
hopefully learn something new myself. 

Here are some ideas that I have for 
topics over the next few months: 

1. Installing HP-UX 9.0 on a bare system. 
2. Upgrading to HP-UX 9.0 from 8.0 and 
7.0. 

3. An overview of HP-UX 9.0 from a sys- 
tems administrator’s point of view. 

4. Logical Volume Manager (LVM) 

5. The new Systems Administration 
Manager (SAM). 

6. Glance for HP-UX 9.0 

7. The new NFS release supported in 
HP-UX 9.0 

8. Administering the X Window System 
Releases 4 and 5. 

9. HP’s new support tools: XSTM and 
CSTM. 

10. Obtaining information about HP-UX 
patches. 

11. Publicly available HP-UX systems 
administration tools. 

The HP-UX 9.0 specific columns will 
be written when | have updated or in- 
stalled our systems. I may also combine 
several topics into one column. 

For the rest of this month’s column I 
will suggest ways of getting control of 
your HP-UX system’s disk space. 

There are several HP-UX programs 
and daemons that create log files that can 
grow without bounds. These are the first 
area that you want to tackle. Many of 
these files are useful for problem diag- 
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systems 


nostics or testing a new configuration but are not necessary for 
everyday use. These include: 
/usr/spool/lp/log Information about every print job 
/usr/spool/lp/lpd. log Information about the lpd daemon 
/usr/spool/uucp/.Log/uucico/* Information about UUCP transfers 
/usr/spool/uucp/.Log/uux/* Information about UUCP actions 
/usr/spool/uucp/.Log/uuxqt/* Information about UUCP commands 
/usr/spool/mqueue/syslog Information about all mail messages 

Many of these files are cleared when the system is rebooted, but 
if your system is not rebooted often you may want to trim them. 

Every time a user logs in to the system, a record is created in 
the /etc directory in three files: /etc/wtmp, /etc/btmp, and 
/etc/utmp. This information is used by the accounting system, 
the who and w commands and the finger command. ‘This in- 
formation is useful for the last few logins by a user, but not the 
last one hundred! Trimming these files regularly will save some 
disk space. 

Now, how do you clean up all these files? I recommend a two- 
pronged attack: When the system is booted, and monthly. When 
HP-UX boots it executes a file called /etc/re. This file starts many 
of the HP-UX subsystems and daemons. There is a subroutine 
in the file named ‘localrc()’ where you can add system specific 


commands to run when the system is booted. I have a script that 


documented. The ’93 release will feature: 
= imake 4.0, a make facility for windows 


systems) 
= f2c,a FORTRAN to C converter 
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face. The programs are tested, debugged and fully 


is executed in this file. It cleans out the /etc/*tmp files, the mail 
and Ip spooler files, and the UUCP files. The other way used is a 
monthly cron job that calls the same script at 3 or 4 in the morn- 
ing. 

The /etc files must be cleaned up using: cat /dev/null > 
/etc/<name>. Blindly removing the /etc files is not a good idea! 

You should also look through the /usr/spool directory for any 
large files that have ‘log’ in their name. ‘These are log files creat- 
ed by different processes that may be specific to your system. 

Once you have cleaned out the log files, you should look for 
core files. Core files are images of processes created when they 
receive a fatal signal. These are often large and also are forgot- 
ten about. Cleaning up core files is easy: 


1. Change directory to the root (/) directory. 


2. Execute find / -name “core” -mtime +3 -exec rm -rf {}\; 


The second step tells the find command to find all files named 
core that are more than three days old. The time period is im- 
portant because your developers would not want you to remove 
a core file that they were using! I have this command in a script 
that I run every night at 1 a.m. 

Before you start removing core files automatically at night, 
send a message to all your users that you will be doing this. If 
your developers know that you are yoing to be deleting the core 
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HP-UX CSL Release Update 


The ’93 HP-UX CSL release is scheduled to be 
shipped in late April. The release contains utilities and 
applications that have been created by HP-UX 
veterans to target specific challenges HP-UX users 


The ’93 release will ship automatically to all 
INTEREX HP-UX CSL level members; additional 
releases are available for purchase to CSL level 
members for $400 in any of the following formats: 
1600 BPI magnetic tape, 6250 BPI magnetic tape, 
Linus cartridge tape (CS-80) or DAT 4mm. 


= xgrab, a capture program for Windows graphics 
= X11R5, latest fix files for X11R5 (for X window 


Call (800) INTEREX or (408) 747-0227 


for more information. 
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files every night, they can rename them if they want to save them. 

The next area to check is the /dev file system. Often large 
files are placed here when a user tries to create a file on a device 
that does not exist. For example: The DAT drive on our 827 is 
/dev/rmt/Om. I have found files in /dev named ‘/dev/rmt/om.’ 
HP-UX does not complain if the file that you are using for a 
tape device does not exist. Rather, it will create the file as a nor- 
mal file, instead of using a special device file! 

To check if there are any such files, execute: 


find /dev -type f -exec ll {} \; 


This command will find any files that are normal files (the 
-type parameter) and give a long listing of the file. If the com- 
mand shows any files, remove them. 

Now look in the lost+found directories for each file system. 
If there are any files in these directories, try to determine what 
they are. If you cannot, delete them. If someone was missing 
them, they would have complained before now. 

Finally clean up the /usr/tmp and /tmp directories. Set a rule 
that any file left in this directory for more than three days will be 
deleted. This way your users will not be surprised when files start 
disappearing and it will teach them to clean up after themselves! 

To clean out these directories use: 


find /tmp /usr/tmp -mtime +3 -exec rm -rf {}\; 


This is just like the command to remove the core files I used 
above. Now that you have cleaned up the fies that you have 
control over, ask your users to do the same. Check the size of their 
mail boxes in /usr/mail. If they are greater than one megabyte, 
then ask them to clean them out. Also have them look for blind 
carbon copies of their mail. Most mailers allow you to specify that 
a copy of any mail that you send out be saved in a local directo- 
ry. Have them clean those out also. 

These steps should help you keep tabs on how much disk 
space you really need on your system and keep the HP-UX log 
files from growing out of control. 

I am looking forward to hearing from you about ideas and 
suggestions for this column and on this publication too! 0 


Chris Curtin, a software developer for Bradley Ward Systems, Inc. in 
Atlanta, Georgia, specializes in device driver development for factory 
autontation on the HP 9000. He can be reached via e-mail at: 
gatech!wittsend!bwilab3!chris 
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share Your 
Expertise 
Submit an article to hp-ux/usr 


hp-ux/usr editor, Michael 
Ehrhardt, is looking for well writ- 
ten user-submitted articles that 
address the real problems of both 
the new HP-UX user and the ex- 
perienced administrator. ‘The 
overriding criterion for selecting 
articles is their excellence in both 
content and presentation. 


Authors of articles chosen to ap- 
pear in hp-ux/usr will receive $50 
per typeset page. Authors of arti- 
cles that review hardware and soft- 
ware pertaining to HP-UX will 
receive an additional bonus of 
$300 to $800 depending upon the 
complexity of the review. 


The preferred format for submit- 
ting copy is Version 2.0 of Word 
for Windows, followed in order of 
preference by Microsoft Word, 
Word for the Mac or pure ASCII 
text. Copy should be sent via 
InterNet E-Mail or on Floppy 
disks. Any graphics or figures 
should be submitted on disk in 
PICT or PCX format. 


For more information, 
contact Michael Ehrhardt 
at (800) INTEREX. 
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newest version of HP LaserROM/UX, 
seemed to me that all my life had been 


HP has established a new standard for 


me perfect moment of rose- 
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a 
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online documentation systems exist today, 


@ HP’s LaserROM/UxX effectively uses the 


i“ analogy of a book with tools not unlike 
oo the methods used to browse through 
7 paper manuals. Leadership in elec- 


tronic documentation enables 
the HP-UX user to quickly 
search through dozens of 
manuals and be confident 


that the documentation is up- 


dated every month via CD-ROM. 
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A New Look for 
LaserROM/UX 


by Bill Hassell 


Not unnoticed by the computer community was the possi- 
bility to use the compact disc as a media for computer data stor- 
age. Despite a multitude of critics, the read-only nature of the 
CD survived the audio test and now it has become a new way to 
think about data distribution. After all, computers 
have traditionally used only write/read media. 
Or is that true? Remember paper tapes 
and punched cards? These write-once, 
read-many artifacts were for many 
computer buffs the only method to 
communicate with computers 
during the early days of com- 
puting. In this regard, the CD 
is no different except that the 
magnitude of data contained 
on that little five-inch disc is 
now over 600 megabytes. 

Storing the data involves a 
process not unlike pressing 
phonograph records (remember 
them?) where a master is created 
and each disc is manufactured by 
pressing the data bits into a thin metal 
coating. The computer CD is called a CD- 
ROM for short and is read using equipment 
similar to their audio counterparts. As with the audio 
disc, large portions of the data are devoted to error detection 
and correction. The data tracks are so small that the slightest 
amount of dust and/or finger prints will cause errors when 
reading the bits from the disc. 

Compact Discs use a sophisticated method to handle error 
conditions, including elaborate checksums as well as error cor- 
rection bits. Yes, errors in the data stream can actually be cor- 
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As with the 
audio disc, large 
portions of the data 
are devoted to error 
detection and 


correction. 


rected by using additional data stored on the disc. For audio 
discs, this means that the music flows non-stop without an 
error. Even when the audio disc has an unrecoverable error, 
additional circuits in the player will create ‘fill-in’ sound by 
duplicating a previous moment of the music. Only 
the worst errors will cause the audio disc to 

lose track and reset itself. 
Inherent with the advent of distrib- 
uted computing are the problems as- 
sociated with documentation, its 
price and availability. Many 
computer centers will have sev- 
eral workstations on a network 
and this lends itself well to a 
centralized documentation 
strategy. Within the HP-UX 
community, online documen- 
tation often takes the form of 
the man page which users can 
access from a standard operating 
system installation. However, a 
fully formatted set of man pages can 
occupy more than 15 megabytes of disk 
and many system administrators will either 
delete the entire man page directory structure, 
or at least remove all the formatted page directories in 

order to reduce the storage requirements. 

For a bit of history, look at figure 1 (next page) to see how 
the original product was developed for the HP 3000 docu- 
mentation requirements, then ported to the HP 9000. ‘The 
original design for HP LaserROM was based on the PC, 
using MS Windows as the environment. With the HP 9000, 
both a graphics window version as well as a character version 
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FIGURE 1 


HP LaserROM Milestones 


HP-UX DISC 
HP-UX PLATFORM 
CHARACTER MODE 


INTRODUCTION 
-MPE V DISC 
PC PLATFORM 


MPE-XL DISC 


1987 1988 1989 


were designed, offering great flexibility within the multi-user 
environment of HP-UX. 

Extensively researched and tested prior to introduction, the 
latest version of LaserROM has many of the most-wanted fea- 
tures voiced over the last several years including multiple 
pages opened at the same time, bookmarks or margin notes, 
and unlimited database searches. 

Much of the credit for the design goes to the early work done 
in HP’s human factors laboratories, where preliminary versions 
of the program’s appearance and base functionality could be 
evaluated and fine tuned before program coding was begun. 

Within HP, HP LaserROM/UX has fostered the growth 
of a standard mark-up language such that paper or electronic 
documentation may be prepared from the same source docu- 
ments. In this way, most of the conversion process can be au- 
tomated, thereby virtually eliminating possible differences 
between the paper copy and the CD-ROM version. This is no 
small feat in that HP LaserROM/UX must use a fixed font for 
display, primarily for character-based terminals and for print- 
ing, while the source documents ultimately use proportionally 
spaced fonts for good appearance in printed form. If the text 
were simple text, there would be no problems; however, many 
documents contain reference tables which when expanded, 
produce line widths over 100 characters long. 

To keep tables in relative alignment, the tables must be 
formatted by the markup language using built-in intelligence 
for table formatting. In this case, an item in a box might re- 
quire only one line when printed with proportionally spaced 
fonts, while the same item will need three lines in a fixed font. 
The formatter then adjusts the size of all the boxes on a given 
entry to match the longest box. 

Pictures are worth a thousand words and in CD-ROMs, 
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this is often quite literally true. A large half-page picture is 
stored as a series of dots at HP LaserJet resolutions of 300 
dots per inch. Thus, a picture 5 by 7 inches in size will require 
almost 400,000 bytes of data to store the picture. Even with 
more than 600 megabytes of storage available, the CD-ROM 
may overflow with graphic images. Typically, the text for a 
LaserROM documentation disc occupies less than 10 percent 
of the available data space while graphics images fill the rest. 

Starting in June of 92, HP began shipping the newest ver- 
sion of LaserROM for the HP 9000 series of computers. This 
version, based on Motif windowing standards and using the 
X11/RS5 libraries, not only provides a new look and feel for 
LaserROM/Ux, it functions very much like the books it was 
meant to replace. In addition, LaserROM/UX reads com- 
pressed graphics files thus allowing even more data to be 
stored on the discs. 


CDROM Drive Installation 

Installing LaserROM/UXxX is quite simple and involves set- 
ting up the host computer to allow CD-ROM disc drives to be 
attached. Here is a summary of the steps for HP-UX begin- 
ning with the adding of a CD-ROM drive to the computer: 


HP 9000 Series 300 Computers 

First, verify that cdfs has been added to your kernel. Use 
SAM to perform this task by selecting the Kernel Configuration 
-> menu item and then Add/Remove Subsystems ..., which will 
then display the state of various subsystems including cdfs 
(shown as CD-ROM/9000). If not present, cdfs can be added 
with SAM or you can edit the file /etc/conf/dfile. 

Run the editor on /etc/conf/dfile and verify that the 
appropriate interface drivers are present: either cs80 (for 
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HP-IB) or scsi for SCSI). Also verify that the appropriate 
interface has been added to dfile (98624 for the internal 
HP-IB interface, 98625 for the external HP-IB interface or 
98265 for the SCSI Interface). 

The Model 600/A CD-ROM drive is a CS80 disk device 
and must use the cs80 driver. The internal CD-ROM drive op- 
tionally found on many Series 400 computers is SCSI, as is the 
external drive, the A1999A CD-ROM drive. Also, the CD- 
ROM discs use a different file system called ‘cdfs’, which han- 
dles the unique read-only characteristics of the CD-ROM discs. 

Be sure that the computer is properly shut down and pow- 
ered off before attaching any cables or new devices. For SCSI, 
be sure that the proper SCSI terminator is used on the last de- 
vice in the chain. 

Set the address of the CD-ROM drive before powering up 
the computer and drives. For the HP-IB drive, simply rotate 
the address dial on the back to an unused address on the HP- 
IB chain. For the built-in SCSI CD-ROM drive or the exter- 
nal CD-ROM drive, refer to the installation manual for 
information on the jumpers or switches. 

After rebooting, cd to the directory /etc/conf and regener- 
ate the kernel by typing: 


config dfile 

After successful completion of the config command, type: 
make -f con g.mk 

Verify that the make command has created the file hp-ux. 
Then, be sure that you are logged in as root on the system 
console, and that all users on the system have logged off. 


Move the kernels to their new locations by typing: 


cp /hp-ux /SYSBCKUP 
mv hp-ux /hp-ux 


finally, reboot the new kernel by typing: 
/etc/reboot 


If there are problems with the new kernel, use the shut- 
down command, 


/etc/shutdown -h 0 
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to cycle power on the CPU, and then press any key after the 
word ‘Keyboard’ is displayed on the screen (attended-mode 
boot). Then wait for a list of the known operating systems to 
appear in the upper right corner of the screen and choose 
SYSBCKUP, which is typically 2H. 

Once the new system has been booted successfully, log in 
as the root user and make the device files for the CD-ROM 
drive. They will appear the same as any disk device so the 
rules are the same. 


For the HP-IB version of the CD-ROM drive: 


The HP-IB drive can be on either high-speed or low-speed 
HP-IB bus connections. Although the drive is somewhat 
slower than most CS80 disks, tests indicate that there is no 
noticeable performance change when connected to the same 
HP-IB cable as the main system disk(s). 

As with all HP-IB disks, if the CD-ROM player is on the 
same bus as a 9144, 9145 CTD, or the autochanger for CTD’s, 
the use of the CTD at the same time as CD-ROM access can 
delay the data for several seconds. 

Now, make the special files using the mknod command: 


mknod /dev/dsk/CD-ROM1 b 0 Oxssaa00 
mknod /dev/rdsk/CD-ROM1 c 4 Oxssaa00 


where: CD-ROM is any meaningful name for the CD-ROM 
drive; for example, the name CD-ROM1 could be used for a 
CD-ROM at HP-IB address 1. The major number is 0 for the 
block device and 4 for the character, or raw device. 

Oxssaa00 is the HP-IB selectcode and address for the CD- 
ROM. ‘ss’ is the selectcode, for which 07 is typically the 
low-speed card and 0e is the internal high-speed HP-IB se- 
lectcode. The ‘aa’ digits refer to the HP-IB address set on the 
back of the CD-ROM player. Since all disk devices are limited 
to an HP-IB address of 00 to 07, this will be the range for the 
CD-ROM player. 

For example, to set up the CD-ROM player on selectcode 14 
with an HP-IB address of 5, the mknod commands would be: 


mknod /dev/dsk/CD-ROM5 b O Ox0e0500 
mknod /dev/rdsk/CD-ROM5 c 4 0x0e0500 


Note that multiple CD-ROM players are supported with 
the same rules that apply to multiple CS80 disks. 
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And for the SCSI version of the CD-ROM drive: 
Make the special files using the mknod command: 


mknod /dev/dsk/CD-ROM1 b 7 Oxssaa00 
mknod /dev/rdsk/CD-ROM1 c 47 Oxssaa00 


where: CD-ROM is any meaningful name for the CD-ROM 
drive; for example, the name CD-ROMI could be used for a 
CD-ROM at SCSI address 1. The major number is 7 for the 
block device and 47 for the character, or raw device. 

Oxssaa00 is the SCSI selectcode and address for the CD- 
ROM. ‘ss’ is the selectcode where 0e is typically the SCSI I/O 
card. The ‘aa’ digits refer to the SCSI address set on the back 
of the CD-ROM drive. On the SCSI bus, the boot disk is usu- 
ally address 6 (address 7 is the computer) so the CD-ROM 
must be set to an unused address. 

For example, to set up the CD-ROM player on selectcode 
14 with an SCSI address of 0, the mknod commands would be: 


mknod /dev/dsk/CD-ROMO b 4 Ox0e0000 
mknod /dev/rdsk/CD-ROMO c 47 Ox0e0000 


Note that nfultiple CD-ROM players are supported with the 
same rule as any SCSI disk drive (cable lengths, terminators, etc). 


Japanese 
LaserROM/UX 


LaserROM goes international as one of the first 
LaserROM/UX products designed for non-English 
languages has been announced. Nationalization is 
done for both the windows (buttons, menu bars, etc) 
as well as for the text. Note that the display server 
must be able to accommodate 16 bit characters and 
have the required Japanese font files available. Contact 
your local HP Sales Representative for additional in- 


formation on LaserROM foreign language products. 
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After connecting the drives, setting the address and re- 
booting the computer, test the disc drive with the /etc/ 
diskinfo command as in: 


/etc/diskinfo -v /dev/rdsk/CD-ROMO 


which will report back details about the drive. If the command 
fails, the drive is not responding to the address specified in the 
minor number for the device file. Here are two example: 


SCSI describe of /dev/rdsk/CD-ROM: 
vendor: TOSHIBA 
product id: CD-ROM DRIVE:XM 
type: CD-ROM 
size: 194044 Kbytes 
bytes per sector: 2048 


or, 


CS80 describe of /dev/rdsk/CD-ROM: 
product id:1707 
type: flexible or removable media 
size: 406269952 bytes 
bytes per sector: 256 


HP 9000 Series 700 Computers 

The SCSI CD-ROM drive (internal or external) is a nor- 
mal SCSI disk drive, needing only the SCSI ID number to 
complete the mknod command. Assuming that the CD-ROM 
drive has been set to address 3, the following commands can 
be used to add the disc drive to the system: 


/etc/mknod /dev/dsk/CD-ROM b 7 0x201200 
/etc/mknod /dev/rdsk/CD-ROM c 47 0x201200 


Note that the name is CD-ROM, although this could be 
2s0 or even c201d2s0; names for device files are not generally 
restricted on the 700 workstations. Although the CD-ROM 
drive cannot be written on (or formatted), creating both a 
block and raw device file is recommended. This allows the 
/etc/diskinfo utility to be used to identify the drive, 

When media has been inserted into the CD-ROM drive, 
/etc/diskinfo may be used to verify correct connection of the 
drive. It performs a quick status check and reports the results. 

For example: 
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/etc/diskinfo -v /dev/rdsk/CD-ROM 


will report back details about the drive. If the command fails, 
the drive is not responding to the address specified in the 
minor number for the device file. Here is an example: 


SCSI describe of /dev/rdsk/CD-ROM: 
TOSHIBA 
product id: CD-ROM DRIVE:XM 
type: CD-ROM 
size: 194044 Kbytes 
bytes per sector: 2048 


vendor: 


In addition to the two device files, the kernel must have the 
driver ‘cdfs’ added before the media can be mounted. To 
check whether the kernel has cdfs installed, use SAM: Select 
the Kernel Configuration -> menu item and then Add/ 
Remove Subsystems ..., which will then display the state of 
various subsystems including cdfs (shown as CD-ROM/9000) 
If not present, cdfs can be added with SAM or you can edit 
the file /etc/conf/dfile and add the line 


cdfs 


Its location is not important, although for readability it would 
be best to group it together with other filesystem statements 
like nfs. Then change directories to /etc/conf and type: 


config dfile 
make -f con g.mk 


followed by a check to see if any errors were detected. If all is 
well, move the newly formed kernel to the root directory with 
the following two commands: 


mv /hp-ux /SYSBCKUP 
mv ./hp-ux / 


Notice the ./ in front of hp-ux...this refers to the local file 
hp-ux in the current directory. Now you can reboot and pro- 
ceed to the Installation of LaserROM. 


HP 9000 Series 800 Computers 


In many ways, the 800 series is actually easier since the de- 
vice files are created automatically by connecting the disc 
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drive and then powering up the computer (HP-UX revision 
8.0 and higher). 

First, be sure to add the cdfs driver to the kernel if it is not 
already present. Verifying the presence of cdfs can be done 
with SAM. Select the Kernel Configuration -> menu item and 
then Add/Remove Subsystems ..., which will then display the 
state of various subsystems including cdfs (shown as CD- 
ROM/9000). If not present, cdfs can be added with SAM or 
you can edit the file /etc/conf/gen/S800 and add the line 
include cdfs; 

Its location is not important, although for readability it would 
be best to group it together with other include statements. 
Then change directories to /etc/conf/gen and type: 


uxgen $800 


followed by a check to see if any errors were detected. If all is 
well, move the newly formed kernel to the root directory with 
the following two commands: 


mv /hp-ux /SYSBCKUP 
mv ../$800/hp-ux / 


The first command makes a backup copy of the current 
kernel and the second moves the newly generated kernel to 
the root directory. Now you can perform a shutdown -h to 
halt the computer and then turn off the power before con- 
necting the CD-ROM drive. 

When the computer reboots, the CD-ROM should have 
been added to the /dev/rdsk and /dev/dsk directories. To veri- 
fy this, run the command 


ioscan -kf 


which will show all the devices that the kernel knows and the 
LU number assigned to the device. Look for the CD-ROM 
drive’s hardware path or address and verify that it has an LU 
number. The name of the CD-ROM drive will be: /dev/ 
dsk/c#d0s2 where # is the LU number. 

‘Test the disc drive with the /etc/diskinfo command as in: 


/etc/diskinfo -v /dev/rdsk/c9d0s2 
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where c9d0s2 is the name of the CD-ROM drive’s device file. 
This will report back details about the drive. If the command 
fails, the drive is not responding to the address specified in the 
minor number for the device file. Here are two example: 


SCSI describe of /dev/rdsk/c9d0s2: 
vendor: TOSHIBA 
product id: CD-ROM DRIVE:XM 
type: CD-ROM 
size: 194044 Kbytes 
bytes per sector: 2048 


or, 


CS80 describe of /dev/rdsk/c9d0s2: 
product id: 1707 
type: flexible or removable media 
size: 406269952 bytes 
bytes per sector: 256 


This completes the CD-ROM drive installation. 


Installing LaserROM/UX Code 

Now make a directory where each CD-ROM will be mount- 
ed (also known as the mount point). Typically, this directory is 
at the root, although subdirectories are acceptable mountpoints 
too. The mountpoint will be used to reference the CD-ROMs 
file system and can be any meaningful directory name. 


mkdir /CD-ROM 


Insert the HP LaserROM/UX Installation disc or the HP 
LaserROM/UX Documentation disc into the CD-ROM 
drive and use the mount command to add the disc to the 
mounted file system. For example: 


/etc/mount /dev/dsk/CD-ROM5S /CD-ROM -r -t cdfs 

where /dev/dsk/CD-ROMS is the name of the block special 
file for the CD-ROM drive. At this point, you should be able 
to see the files on the CD-ROM drive by typing: 


Ls /CD-ROM 


The contents of the LaserROM disk will be listed. If the 
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mount fails (typically: invalid argument), this is usually due to 
an incompatible disc placed in the CD-ROM player. 
LaserROM is currently recorded in ISO 9660 format (was 
High Sierra format). The cdfs code used to mount the disc 
can read only those two formats. 

If the mount fails but the CD-ROM drive is never ac- 
cessed (i.e., the activity light on the drive does not blink), 
the device file should be checked for the correct selectcode 
and HP-IB address. 

To view the revision date of the disc, type the following 
command: 


more /CD-ROM/BIN/LASERROM.VER 


Note that all filenames on LaserROM discs are UPPERCASE. 
The file LASERROM.VER will show something like this: 


A.02.03 

HP-UX 

1992 09 01 

HP LaserROM HP-UX 
HP LaserROM HP-UX 
HP LaserROM HP-UX 


where A.02.30 refers to the revision of the LaserROM disc for- 
mat, HP-UX refers to the documentation contained on this 
disc, and 1992 09 01 is the date code in the format yyyy mm dd. 

To complete the LaserROM installation, print a copy of 
the README file in /CD-ROM/UXINSTAL/README 
and follow the directions. This two-page document can be 
printed directly from the LaserROM disc using the Ip com- 
mand. You will be using the update program to perform the 
installation, which will take about 5 minutes. 

The new version of LaserROM/UX is version B.00.00 and 
can only be installed and run on HP-UX Operating System 
Release 8.0 or later. The graphical user interface of Laser 
ROM/UX requires the X Window System version 11, Release 
4 or later, also known as R4. Although not recommended, the 
new version of LaserROM/UX can be installed on an 8.0 (or 
higher) system and the graphical window can be redisplayed 
onto a pre-8.0 workstation. LaserROM/UX requires a user li- 
cense for every concurrent copy of the program. If 12 users 
will be running LaserROM/UxX at the same time, you will 
need 12 runtime licenses. 

If you already have the old version of LaserROM/UX in- 
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The classic LaserROM/UX code did not have com- 
pressed TIF code incorporated into the program. 
Therefore, the classic LaserROM program MUST BE 
upgraded to B.00.00, the current version shipped on 
every LaserROM disc. 

Starting with the June 1992 disc, LaserROM and 
InfoROM discs are in the new format (I’ll call it LR2 for- 
mat). The exception is MPE-V, which missed the win- 
dow and was converted the next month. (The PC version 
running under Windows 3 can read either LR1 or LR2 
discs without any changes) 


Here is a compatibility chart: 


CD-ROM’S: 
RETRIEVAL 
SOFTWARE 


<-MAY ‘92 
ALL DISCS 


JUNE ‘92 
EXCEPT MPE-V 


JULY ‘92-> 
ALL DISCS 


PC version ok ok ok 
A.02.04 


LaserROM/UX ok no no 
A.01.04 access access 


LaserROM/UX no ok ok 
B.00.00 access 


The first note is that LaserROM-II isn’t backward 
compatible so using the new software to read HP-UX 
7.0 manuals or any discs dated prior to June ‘92 will 
simply not locate any databases. 

Conversely, the classic LaserROM program 
(A.01.04) cannot read the LR2 datafiles so it will not ac- 
cess any discs from June ‘92 on (exception: MPE-V was 
updated July ‘92). 

Note: LaserROM-II (version B.00.00) runs only on 
HP-UX 8.0 (all platforms). 


stalled, the new version will not overlay any part of the old 
program files. Instead, LaserROM/UX version B.00.00 is a 
new program with new directories and a new way to start the 
program. 

The new LaserROM/UxX program cannot read the old 
CD-ROM discs dated prior to June 1992, and the old Laser 
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ROM/UX program cannot read the new discs from June 1992 
and up. See figure 2 for a compatibility matrix. 

If you plan to network LaserROM/UxX, be sure to look at 
the article in the August 1990 Interact that discusses network- 
ing options. 

To make the CD-ROM(s) mount automatically when the 
system is rebooted, you will need to make two changes: 


1. Add the CD-ROM(s) to the file: /etc/checklist. Here is an 
example for adding three discs: 


/dev/dsk/c7dOs2 /CD-ROM1 cdfs ro 0 O # HP-UX 8.0 
/dev/dsk/c8d0s2 /CD-ROM2 cdfs ro 0 0 # HP-UX 9.0 
/dev/dsk/c9d0s2 /CD-ROM3 cdfs ro 0 O # MPE-ix 4.0 


Note that for 800 series systems, you must use section 2 of 
the disc for mounting. Using any other section will produce 
strange results. Each disc is mounted to a unique directory 
and must have the word cdfs followed by ro (for read-only) 
and then two 0’s. 

To test the entries, use the following commands: 


/etc/mount -a -t cdfs 
bdf 
/etc/umount -a -t cdfs 
bdf 


This will mount and unmount all the CD-ROM discs. 


2. You must add an entry to /etc/re to mount the CD-ROM 
disc(s). Although all the HFS (or typical hard disks) are 
mounted within /etc/re, the CD-ROM file system is type cdfs 
so it must be explicitly mounted. Look for text similar to this 
in your /etc/rc file: 


hfsmount () 
{ 


# create /etc/mnttab with valid root entry 
/etc/mount -u 


# enable quotas on the root file system 
# (others are enabled by mount) 


C -f /quotas -a -x /etc/quotaon ] && /etc/quotaon -v / 


# Mount the HFS volumes listed in /etc/checklist: 
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/etc/mount -a -t hfs -v 
# (NFS volumes are mounted via net_start() function) 


After the line /etc/mount, add the following lines: 


# Mount the CDFS volumes listed in /etc/checklist: 
/etc/mount -s -t cdfs -v 


# Cleanup LaserROM after a hard reboot 

echo 

echo Cleanup /tmp and /usr/tmp for LaserROM 
rm -r /tmp/LR* 

rm -r /tmp/lrdira* 

rm -r /usr/tmp/ft* 

rm /usr/tmp/LR* 


The /etc/mount command with -t cdfs specifies that all the 
entries in /etc/checklist with a type cdfs will be mounted. The 
four rm commands remove any temporary files left by copies 
of LaserROM, for both the original version and the new ver- 
sion of LaserROM/UX. These files are small and contain di- 
rectory information to speed up access to the CD-ROM. 

After installing LaserROM/UX, you can obtain a printed 
copy of the LaserROM documentation by: 


lp -oraw -d<your_LaserJet> /usr/lrom/doc/*.LJ 


Note that these documents are in LaserJet (or DeskJet) format 
only and will require at least one megabyte of memory in order 
to print the graphic images. Since these files are more than 6 
megabytes in total, you may wish to delete the /usr/lrom/doc 
directory after you finish printing the manuals. 

Should you wish to reinstall the manuals at a later time, 
run update per the instructions in the README file, and 
rather than loading all the filesets, choose Select/View 
filesets, and then press the f6 key (View filesets) and move 
the cursor to LROM_DOC and type y to select this fileset. 
Then press f8 to return to the partition screen and start 
loading with key f4. 

One additional task remains after installing Laser-ROM/UX: 
configuring printers. If you are running the standard Ip spooler 
program with HP-UX, then there are no additional tasks to per- 
form. If you are running the optional HP OpenSpool package, 
or other third-party spooler packages, you must edit the printer 
definition script found in /usr/lrom/prnlist.gen. 
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This script looks like: 


..extra comments deleted 

# 

# 

# Default Command: this command will filter out everything except for 
# the printer names. 


lpstat -v | awk -F: '{ print $1 }' | awk '{ print $3 }!' 


If you type the above command, you will see a listing 
something like this: 


lpstat -v | awk -F: '{ print $1 }' | awk '{ print $3 }! 
clyde 

p3125002 

p3125007 

Lak 

Lj_me 


netlj3si 
Lj3_832 


Notice the blank lines? Although these have no effect on 
LaserROM/UX, they can be cleaned up by adding the grep 
command at the end: 


Lpstat -vjawk -F: '{ print $1 }'|awk '{ print $3 
}'|grep -v "4$" 


The grep command removes blank lines. The point is that 
prnlist.gen must produce a list of all the printers on the sys- 
tem, one line per printer name, with no additional text. You 
will need to modify this file to produce the printer listing 
shown here: 


clyde 
p3125002 
p3125007 
Lj_k 
Lj_me 
netlj3si 
j3_832 


Aust 


This will then be the list shown 
when printing from LaserROM/UX. 


Running LaserROM/UX 

To start the program, the command 
is lrom. If you are using a graphical dis- 
play, you set the environment variable 
$DISPLAY, or you may start the Irom 
program with the -display option as in: 


Lrom -display kobra:0 & 


Notice the use of the & character to 
place the program in the background so 
that you get the shell prompt back im- 
mediately. When assigning the $DIS- 
PLAY value, it must be the name of the 
computer where the display is to appear 
followed by :0 or :0.0 to indicate the 
display number. Here’s an example 


using sh or ksh as the shell: 


DISPLAY=kobra:0 
export DISPLAY 


Now, just the rom command may be 
used. If you are using a character termi- 
nal rather than a graphical display, the 
display option is not needed. Laser- 
ROM/UX runs on HP terminals as well 
as other non-HP terminals; be sure to 
look in the LaserROM/UX manual for a 
list of recommended terminals. 

lrom may be run on one machine and 
the output (the graphical display) may 
appear on an X/terminal or another 
computer’s display. Be sure to check if 
you have exceeded your LaserROM li- 
cense count by counting the number of 
users currently running the lrom pro- 


gram. This can be done with: 
ps -ef|grep Lrom|we -L 


which returns the number of processes 
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/usr/lib/X11/app-defaults/LRom file: 


### HP LaserROM/UX Application Defaults: 


### This file contains the recommended Application Defaults for HP 

### LaserROM/UX. 

### This file may be copied to the users home directory, and then changed 
### if the user desires different defaults than the system defaults. 


### BrowseWidth is the width of each panel in the browse window, 
### measured in font spaces. 


HHH 

### LRom*browseWidth: 35... OFIG .:. 
LRom*browseWidth: 56 

HHH 


### If you are running VUE use only these resources. 
### If you are not running VUE uncomment the color or monochrome 
### resources, whichever apply to your system. ### 


LRom*hitTermfg: NavyBlue 
LRom*hitTermbg: Pink 


#H## If you have a color monitor, without running VUE the following settings 
### are recommended. 

### To use these settings, remove the pound signs in the beginning of each 
### Line. 


HHH 
LRom*fontList: helvb12 
# LRom*Font: courr18 ... orig, use on hires only ... 
LRom*Font: courr14 
LRom* Foreground: White 
LRom*Background: CadetBlue 
LRom*highlightColor: Yellow 
LRom*hitTermfg: NavyBlue 
LRom*hitTermbg: Pink 
HHH 


### If you have a monochrome monitor, the following default settings are 

### recommended. To use these settings, first comment the VUE or color monitor 
HHH settings out, by adding a leading "“#" in the first column of each line. 
### Then, uncomment these settings by removing the leading "#" from each Line. 


# 

# 

# LRom*fontList: variable 
# LRom*Font: courr18 
# LRom*Foreground: White 

# LRom*Background: Black 

#  LRom*highlightColor: White 

# 
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with the text “Irom”. 

The Irom program will start and by default will look at the 
mountpoint /CD-ROM as the location of the LaserROM 
documentation disc. If this is not the mountpoint for the disc, 
or if you would like to add additional CD-ROM drives for 
multiple discs, edit the file /usr/Irom/.lromre according to the 
instructions in the file. Here is an example of a customized 
lromrc file: 


# HP LaserROM/UX-II CD-ROM mount point file 
# 

# cdpath = <mount directory> (repeat as necessary) 
# 

# For the Atlanta Response Center: 

# 

# /CD-ROMs/CD-ROM2 = HPUX 8.0 

# /CD-ROMs/CD-ROM3 = MPE-iX 

# /CD-ROMs/CD-ROM4 = MPE-V 

# /CD-ROMS/CD-ROMS = MPE-XL 3.1 

# /CD-ROMs/CD-ROM6 = HP-UX 9.0 

# 

# 


cdpath=/CD-ROMs/CD-ROM2 
cdpath=/CD-ROMs/CD-ROM3 
cdpath=/CD-ROMs/CD-ROM4 
cdpath=/CD-ROMs/CD-ROM5 
cdpath=/CD-ROMs/CD-ROM6 


Notice that multiple cdpath commands are allowed. These 
discs will be displayed on the Library window when 
LaserROM/UX first starts. Modify the.lromre as needed. For 
customization, individual users may edit a copy of /usr/ 
lrom/.lromre and copy it to their $HOME directories. This 
can be used to show only those discs needed by specific users. 


Customizing Irom on Startup 
There are several places where Irom’s appearance can be 


controlled. These are: 


= the command line as in: 
Lrom -bg red -fg white 


or 


® /usr/lib/X1 1/app-defaults/LRom 
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The man page for lrom will list the resources available to 
customize LaserROM/UX. However, placing all of the op- 
tions on the command line can be a bit cumbersome so use of 
the global X resource file /usr/lib/X11/app-defaults/LRom 
file simplifies this task considerably. This file is searched first 
for any resources to be applied to a copy of Irom. If the user 
has included some or all of the resources in a local $HOME/ 
.Xdefaults or in an X resource file such as .xrdb, then these 
local values will override any set in the global file. 

Finally, any resources listed on the command line will 
override anything preset in the X environment. Refer to 


FIGURE 4 


Series 300/400 9.0 Manuals 
on 600/800 9.0 Manuals 

series 700 9.0 Manuals 
Product Catalog : 
Application Notes 

“SSB Series 300 
Sop Series G00 
HP. Response Center Q&A's 


HP Solutions Gatalog 


ipport Application Guides 


figure 3 for an example of the LRom resource file. If you are 
running VUE, be sure to set only these resources: 


LRom*browseWidth: 35 
LRom*hitTermfg: NavyBlue 
LRom*hitTermbg: Pink 


The values can be changed but the rest of the resources 
such as LRom*Foreground should not be set, thus allowing 
VUE’s environment and color palette to control the appear- 
ance of lrom. 


File Customize Options 
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The Library Window 

The initial window (after the Copyright screen) is the 
Library screen (figure 4) and this will show all the mounted 
CD-ROM discs that are LaserROM compatible. If you have 
multiple CD-ROM drives, you must change the file: 
/usr/lrom/.lromrc to reflect the other mount points for the 
discs as previously mentioned. In figure 4, three CD-ROMs 
have been mounted and are found across the top of the 
Library screen. 

The first disc shown across the top will be the newest disc 
by date. For additional discs at the same date, the order then 
follows the .lromrc file’s order. When the Library window 
first appears, the Bookshelves and file Drawers will display the 
contents of the first disc. 

To add more discs to the list, just click once on any part of 
the disc’s title. The three-dimensional button will be de- 
pressed when the selection is active, and will toggle back to a 
raised position if it is not selected. Notice the scroll bar that 
appears to the right when additional discs are selected. This 
bar can be moved to view additional books and folders. 

To become familiar with LaserROM/UX, you can simply 
double-click on one of the bookshelves and a Browse window 
will pop-up. If you see the message: Sorry, only books can be placed 
in custom bookshelves, then you selected a folder and moved the 
mouse slightly during the double-click. 

When you double-click, depending on the speed of your 
computer, it may be a second or so before the hourglass shows 
up indicating action is occurring. Moving the mouse and 
clicking again can confuse LaserROM so be sure to wait for a 
bit if lrom is running on a slower machine like the HP 
9000/360 or the HP 9000/840. 


Another way to select Bookshelves for Browsing is to 
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click once on each bookshelf of interest (figure 5) and each 
item will be highlighted. Then select Browse (at the bottom 
of the window) and a new window called Browse will pop up. 
This window shows the bookshelves and folders shown on 
the left while the contents of the highlighted bookshelf are 
shown on the right (figure 6). Note that the colors used in 
the figures were selected by starting Irom with new colors 
for all the windows. 

To look at a specific manual, highlight the desired manual 
by clicking once on the icon or text of the manual and then 
click on Open at the bottom of the window. A shortcut is to 
double-click on the desired manual. Note the scroll bar on the 
right which allows moving up and down through the books. 


The Reader Window 

Rather than jumping directly into the first page of text, the 
Reader window (figure 7) first appears with the Table of 
Contents shown, to make it easier to view the book at a 
glance. To read a section, click on any text line that has an 
arrow pointing to that line. The image will change to the text 
of that page (figure 8). 

With keys to move through the document and search for 
text strings, the Reader window is very versatile, albeit a bit 
intimidating at first. Be sure to experiment; LaserROM is de- 
signed for the browser as well as the power user. Located at 
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the bottom of the Reader window are the buttons needed to 
move around in the manual, including Contents (for table of 
contents), Index (for the index at the end of the document), 
Library (which returns to the Library window), Snapshot (dis- 
cussed later), Close, and Help. 

A feature often overlooked by the new user is the ability to 
search on a keyword while browsing through the manuals. To 
do this, activate the cursor in the box marked Pattern Match 
and then type in some text. By pressing the Return key, the 
word will be searched throughout the current manual. There 
is an Option item at the top of the window that can be used to 
restrict a pattern match to just one section of the manual, but 
usually you will want to search the entire book when using the 
Reader window. 

Another feature of LaserROM/UxX is the ability to navi- 
gate rapidly through the documents using such features as the 
History button. This button allows you to go back to previ- 
ously viewed sections by clicking on the left arrow next to 
History: and to move forward with the right arrow. Similarly, 
the Section: buttons allow you to thumb through section by 
section. 

Another feature is the ability to take a snapshot or copy of 
the current window for future reference (figure 9). This win- 
dow is a copy of the current window and may be iconified for 
recall at a later time. Note that this snapshot window will stay 


FIGURE 8 


em administrator. 
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FIGURE 9 


_ Using the ‘Command fing 


even if you change the Library window to select different 
manuals or even different discs. 

If you’d like to print a copy of this, you click on the file se- 
lection at the upper left of the menu bar, and click on Print. 
The new window (figure 10) has the sections listed as well as 
options for printing. If the printer listed is not correct, click 
on the Printers... button and select from the list shown. If the 
list is blank, check the hori- 
zontal scroll bar in the Con- 
figured Printers box — it may 
be pushed to the right, in 
which case you can click on 
the left side of the scroll bar 
and it will return to normal. If 
no printers are shown, check 
the prnlist.gen script in /usr/ 
lrom for possible errors. 


0/400 9.0 Manuals 


The Search Window 

For a more thorough search, 
you may return to the Library 
window and after selecting 
some bookshelves and folders, 
click on the Search window 


* 


IHU 
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Setting Your Password . 
“3 Ga : oe fF Suppress Graphics 
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i Page break after each section 
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and the Search window will be displayed (figure 11). By enter- 
ing some keywords into the Search for: box, all the selected 
manuals can be searched. These books may even reside on dif- 
ferent discs (as selected in the Library window) for a very 
complete search. 

To look for just a title, for example, the man page for a topic, 
click on the diamond-shaped button labeled Headings rather 
than on the default button la- 
beled Text. This will find se- 
lections where keywords 
appear in the title, which can 
be somewhat faster, and also 
limits the search to topical 
rather than general choices. 

When the search is com- 
pleted, the books on the right 
of the search window will be 
arranged in order of the num- 
ber of occurrences for the 
keywords. This can be 
changed to the order found in 
the bookshelf (in the Library 
window under Search options, 
the Rank results choice). See 
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figure 12 for an example of several hits. 

In many instances, keywords are often to be found in the 
same context or same sentence. ‘To search for this connectivi- 
ty, LaserROM has provided the [ ] construct, which indicates 
that the enclosed words are to be within a certain number of 
characters of each other. Thus, to search on single user mode, 
the search pattern would be: [single user mode] 

Searches can also be approximated by using the * character 
to indicate trailing text (zero 
or more characters), or exact 
phrases can be stated with the 
use of quotes as in “regular ex- 
pression.” 

Many words are synonyms 
for each other and LaserROM 
has a feature called a The- 
saurus that makes acronyms, 
abbreviations, and common 
suffixes equivalent to each 
other. An example might be 
HP, which will also find oc- 
currences of H-P, Hewlett- 
Packard, and Hewlett Pack— 
ard, or memo, which will also 
find memos, memoranda, and 
memorandum. This feature 
can be disabled with the 
Search option settings. 
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ed /usr/contrib/x1 
ed fusr/contrib/bi 
exit 

mount hpuerck: /co. 
mkdir cdrom 


In figure 13, the entire screen has been displayed to show 
the relationship between the main window (the Library 
screen) and the Search screen. This pair (or the Library and 
Browse windows) can be iconified separately from the Reader 
window to make the display easier to read. 


Bookmarks and Graphics 

There are a number of special features in Laser ROM/ 
UX, including the ability to 
place Bookmarks or margin 
notes into the manuals. 
These notes can be used to 
explain a topic on which the 
manual is not clear, or to add 
new information not current- 
ly documented. Be sure to 
look at the LaserROM/UX 
User’s Guide for details on 
Bookmarks. 

Lastly, we'll look at 
graphic objects, which are 
often the best method to dis- 
play complex relationships. 
Graphic images occupy more 
than 80 percent of the disc 
space for LaserROM discs 
and are stored in a com- 


pressed format. When a doc- 
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ument contains a graphic image, it will be expanded automati- 
cally and displayed as best as possible on your graphics moni- 
tor. Note that the images on the CD are high-resolution and 
thus mapping these images to the lower resolution of a work- 
station may cause narrow text and lines to disappear. 

In figure 14, a flowchart for troubleshooting VUE prob- 
lems has been selected and you will notice that the image in 
the larger window is not easily readable. By using a click-and- 
drag over the area of interest, a zoom window is created that 
will show the magnified image. The image can be positioned 
with the scroll bars in the zoom window itself, or the click- 
and-drag box can be resized or moved and the zoom window 
will display the new area of interest. 

Graphic data is always printed at full resolution using PCL 
(only) codes. Graphic images can be quite large and an HP 
LaserJet will need almost one megabyte of internal memory 
to print the largest images. If you have a PostScript printer, 


you will need a PCL-to-PostScript filter program to change 
the format of the data. 


Character Mode for LaserROM/UX 

Not everyone has a graphical display device, thus Laser- 
ROM/VUX provides the terminal user with a powerful charac- 
ter mode interface. figure 15 shows an example of the initial 
window for Irom in the character mode. Although the window 
looks a bit complicated, it is fairly easy to navigate. 

The first rule is to learn the navigation keys such as the 
arrow keys and TAB key, which will allow rapid movement 
from section to section. The upper left-hand box (marked 
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Press the Return key to open this book; use Tab & arrows to move aroun 
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Available Shelves and Drawers) contains the list of CDROM 
discs with the letter A: designating the first disc, B: the sec- 
ond and so on. Anything highlighted in the upper box has 
been selected for subsequent searches...the lower left box 
(marked Search Scope/Browse Scope) shows a list of the se- 
lected items. 

To unselect or select an item, move to the appropriate box 
using the TAB key and then the arrow keys to move up/down 
within the box. Pressing the RETURN key will toggle the se- 
lection, that is, turn on/off the highlight bar. When changing 
selections in the Available box, the Search/Browse box will be 
updated to show the new choices. Both boxes will scroll up or 
down to accommodate any length list. 

In figure 15, you can see that the first four bookshelves 
have been highlighted in the Available box,and in the 
Search/Browse box, Series 400/400 9.0 Manuals have been 
highlighted. Note that when an item is highlighted in the 
Search/Browse box, the number of books or volumes is print- 
ed to the right, in this case, 184 volumes. At the same time, 
the right half of the screen changes to a list of the volumes in 
alphabetical order. In figure 16, 3 items have been selected 
(HP Solutions, Series 700 Manuals and Application Guides) 
and these choices are shown in the Search/Browse box. The 
Series 700 Manuals have been selected (194 volumes in the 
set) and a list of the manuals appears in the right half of the 
screen. By using the TAB key to move to the right half of the 
screen, you can select the Beginner’s Guide to HP-UX by 
moving the cursor to that line and pressing RETURN. 

The next screen (figure 17) shows the Table of Contents for 


| Beginner’s Guide to HP-UX 
|A Beginner’s Guide to Using HP-PHIGS 
|A Beginner’s Guide to Using Starbase 


| 
A:Product Catalog | 
| 

|ADB Tutorial 
| 
| 


A:Application Notes 
A:SSB Series 300 
A:SSB Series 800 |ALLBASE/TSOL Reference Manual 
|ALLBASE/NET User’s Guide 
|ALLBASE/SQL CG Application Programming G| 
|ALLBASE/SQL COBOL Application Programmi | 
|ALLBASE/SQL Database Administration Gui| 
ALLBASE/SQL FORTRAN Application Program 
ALLBASE/SQL Message Manual | 
| 194|ALLBASE/SQL Pascal Application Programm| 
Solutions Catalog(folders| |ALLBASE/SQL Quick Reference Guide 
upport Application Guides (b| |ALLBASE/SQL Reference Manual 
| |ALLBASE/SQL Release F.0 Application Pro| 
| |ARTCore Programmer’s Marmal 
| |ASSEMBLY LANGUAGE Reference Manual 
| |Administering ARPA Services 
| 
| 


|AdvanceMail User Guide 
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the Beginner’s Guide to HP- 


FIGURE 17 Scope—the Browse title has 


UX. As in the graphical version 
of LaserROM/UX, opening 
the Reader screen always starts 
with the Table of Contents. 
The cursor has been positioned A Beginner’s Guide to HP-UX 

; : -> A Beginner’s Guide to HP-UX : 
on the line: Getting to Know -» thi. Getting Started 


Table of Contents 


Before You Begin. . 

Chapter Contents 

Conventions 

For More Information. . 
Notes: 


Your System. By pressing the 
RETURN key, the Reader 
window displays the actual text 
as in figure 18. 

Text can be scrolled up/ 
down with the arrow keys, and 
for extra-wide documents, the 
left/right arrow keys will scroll 
the text horizontally. 

At any time, you can press CT'RL-G for additional help in 
navigating the screens. 

There are two other areas that are important to know: the 
top and bottom bars. The top will always be the main com- 
mand menu, much like the menu bar in windows. To access 


Visual Help for the User 


the file menu, just press CTRL-F. The current menu selection 
will be highlighted and once a pull-down menu is active, you 
may shift the menu left or right, just as in graphics windows. 
Figure 19 shows the Library screen but this time a keyword 
has been entered. By pressing RETURN in the Text Search 
box, all occurrences of the keyword will be located in those 
manuals that appear in the Search Scope box. Note also that 
the title of the lower left-hand box has changed to Search 


COPYRIGHT NOTICE 


=> Finding Information in this Manual 


Getting to Know Your System 


PAM--The Personal Application Manager 
The Key Shell: Visual Help for the Korn Shell 
TSM: Window-Like Functions for Terminal Users 


been removed indicating that 
a keyword search has been 
performed. 

Note that on the right half 
of the screen, a list of the 
books containing the keyword 
(fbackup in this case) appears, 
sorted by the number of oc- 
currences. If we position the 
cursor on the first line, 
System Administration Tasks, 
and press RETURN, then 
the Reader window appears 
with the Table of Contents as 
before...by positioning the 
cursor to the line: Determining How Often to Back Up Data 
and pressing RETURN, the data in figure 20 will be displayed. 

At any time, the shortcut keys can be used from the top 
menu to navigate the various menus in LaserROM/UX, char- 
acter mode. For instance, to select the file screen, type 
CTRL-F. Note that the character mode version will show the 
CTRL keys using the carat “ symbol which means use the 
CTRL key in conjunction with the letter given. 

I recommend browsing all the various menus to become fa- 
miliar with the various features of the character mode version. 
Its power can only be fully utilized when all the keystrokes are 
second nature, and for ease of use, all the shortcut keys are 
shown at the top and bottom of the screen. 


Getting to Know Your System 


Throughout this guide, you will see the term system administrator. The 
system administrator is someone who manages your system, taking care of 
such tasks as adding peripheral devices, adding new users, and doing 


system backups. In general, this person (who may also be called the 
system operator or something similar) is the one to go to with questions 
about implementing your software 


However, if you are the only user on a single-user system, then whenever 
this guide refers you to the system administrator, you should be able to 
get help from the system administration manuals that you have purchased 
with your system. If you need other kinds of information, it will help 
to identify someone in your organization who is experienced in HP-UX and 
who can provide help with user problems. If such a person isn’t 
available, your HP support engineer can also provide installation and 
maintenance help, in accordance wi 

ithin : 
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fasers/deptc 


Included files are defined with the -i option to the MRERQEM and frecover 
commands, or with a graph file. See "Graph Files" . 


Excluded Files 


Excluded files are those files within your list of included directories 
and files that you want to exclude from the backup. In other words, they 
ace the exceptions. 


Suppose that you have 100 departments and you need to back up the files 
for all of the departments except one. Entering in each department’s 
directory name would be a lot of work. 


In the example from the previous section on “included files," we listed 
out each directory from the example directory tree except for Department 
D’s directory. You can tell the fai and frecover utilities to 

thin book: n pr : A nd. ry=*L more- 


In Summary 

Having a solution online does not always solve the problem 
of distributed documentation. Indeed, many users will balk at 
the idea of losing their bookshelves and will tend to ignore 
HP LaserROM as a solution. So what steps can the site ad- 
ministrator take to encourage the use of HP LaserROM/UX 
as an information tool? 

1. Publicize the direct cost of paper documentation: 

Paper manuals are now priced separately and this cost is no 
longer insignificant. HP LaserROM subscriptions are far less 
expensive than multiple copies of the paper manuals. 

2. Contrast the costs in paper maintenance versus HP Laser- 
ROM: 

Often, the cost to maintain paper manuals far exceeds the 
initial cost of the manuals. Updates to manuals are shipped on 
a regular basis, yet the users seldom have the time to perform 
the update. Now, the manual is out of date unless the user also 
searches the page changes. 

3. HP LaserROM discs provide a truly complete index: 

Manuals have partial indices developed either manually or 
with the help of a word processor’s indexing tools. In either 
case, an index of every interesting word is not often provided. 
HP LaserROM data discs have 100 percent coverage for in- 
teresting keywords (not every word is indexed; uninteresting 
words such as ‘the’ are dropped). 

And LaserROM’s thesaurus option allows finding words 
with extensions such as ‘s’ or ‘es’. 


Here are some examples: 


I HINUSe 


KEYWORD 


HP LASERROM/UX LOOKS FOR THE 


ENDING IN: SAME STEM ENDING IN: 
y y, les, ie’s 

ey ey, eys, ey’s, les, ie’s 
ies, 1e’s Y, ey, les, ie’s 

eys, ey’s ey, eys, ey’s 

es, e’s e, es, e’S 


For more examples, click on the Help menu or type 
CTRL-H and select the thesaurus subject. 

4. Time to direct access of data can be much faster: 

Sophisticated users may feel lost with HP LaserROM since 
its appearance is different from that of the paper copies. ‘These 
users will often point to their ‘Auto-parts’ manual display, 
showing with pride the ability to locate information in a few 
seconds. With experience, the same users can become HP 
LaserROM/UX gurus and locate in even less time, the partic- 
ular information needed. 

5. Casual users find information much more quickly: 

For system administrators, locating details on setting up a 
particular printer, or changing a network function may mean 
hours of searching paper manuals. 

LaserROM/UX can be an excellent tool for the individual 
user as well as for the large systems administrator by providing 
immediate documentation on request. 0 


Bill Hassell is a Hewlett-Packard Response Center engineer at the 
North American Response Center in Atlanta, Georgia. He has 
been supporting HP-UX software products since September 1990 
and previously worked for 12 years in the Neely Sales Office in 
Mountain View, California, supporting HP 1000s and RTE. 
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WELCOME To /p-ux/usr, the new IN- 
TEREX publication for the HP-UX 
member. I am very excited about the op- 
portunity to contribute to this publica- 
tion and I look forward to sharing many 
interesting items over the coming months. 
In case you are new to the INTEREX 
family, I am the chairman of the Con- 
tributed Software Library for HP-UX, 
CSL/HP-UX (how we techie types love 
acronyms!). 

The CSL is a collection of useful soft- 
ware submitted by the INTEREX mem- 
bers. By sharing the fruits of our labors, 
members hope to encourage others to so 
the same, increasing the value of the library 
for all. The role of the CSL commnittee is to 
encourage this sharing, to manage the li- 
brary, and to produce an annual release. 

1993 marks the fifth year of production 
for the CSL. Much of our success is a re- 
sult of the hard work of Art Gentry, who 
single-handedly got it started back in 1988. 
Many thanks Art! The team has grown 
since then, with individuals coming and 
going as their jobs change back home. 
Despite the shifting of people, the CSL 
has continued to grow and branch out. 
I recently reviewed the 
progress the CSL has made 
since the beginning and I 
will share some of the num- 
bers I came up with. 

As you can see from 
‘Table 1, we have collected 
and released more than 200 
megabytes of software to 
the HP-UX membership. 


It shows a real commitment SWAP RELEASE 
on the part of the members Orlando (1988) 
to make the CSL a viable San Fran. (1989) 


benefit of membership. 
Without the contributions 
to build on, the CSL would 
be much smaller and far less 


Boston (1990) 


San Diego (1991) 
New Orleans (1992) 


useful to the average user. I am also very 
satisfied with how well the swap tape has 
grown. The conference swap tapes con- 
tinue to be the major source of new con- 
tributions for the annual release. 

In my last column (Interact, January 
1993) I reviewed some of the contribu- 
tions from the 1992 release and the New 
Orleans Swap. I thought I would high- 
light three more that caught my atten- 
tion in the area of integration. 


BSDTIMESYNC (Synchronize Net- 
worked System Time) 


Wendy King of the Naval Observatory 
provided this rather unique contribution. 
Keeping systems synchronized, especial- 
ly in a time-critical environment, is al- 
ways a challenge. This contribution will 
help keep your HP-UX systems “up-to- 
date,” and she has provided the pieces to 
run under RTE-A as well. 


WHOZN (Who is logged on) 


Steve Gauss, also from the Naval Ob- 


servatory, provides this multi-system util- 


HP-UX CSL and Swap Library 


NUMBER OF 
CSL RELEASE CONTRIBUTIONS 


2934 (1989) 
3046 (1990) 
3110 (1991) 
3217 (1992) 


NUMBER OF SIZE IN 
CONTRIBUTORS MEGABYTES 


98 18.9 
44 5.6 
38 191.8 
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ity to determine who is logged on your 
system. WHOZN is another example of 
the ability to integrate RTE systems into 
the HP-UX environment. Users might 
find it interesting to study the imple- 
mentation to get a feel for what is in- 
volved in integrating RTE and HP-UX. 


T 

This package was a featured paper at 
the 1991 San Diego Conference and con- 
sists of a collection of programs that func- 
tion much like a remote procedure call 
(RPC). It facilitates the implementation of 
distributed applications and functions 
over a network, including RTE systems. 
Jean-Louis Matton has provided a very 
functional collection of programs, sub- 
routine libraries, and sample implemen- 
tations that should help users utilize this 
package to its advantage. 0 


Paul Gerwitz is chairman of the CSL/HPUX 
committee and is a system analyst at Eastman 
Kodak Company in Rochester NY. He can be 
reached at 716-477-3067 or e-mail at ger- 
witz@interex.uucp or gerwitz@ kodak.com 
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AUTOMATE YOUR UNIX 
STARTUP / SHUTDOWN PROCEDURE 


Have you lost ailure? 


Have you lost 


Do you "stand watch" 
execute a startup or s 


Or do you have to perform the startup/shutdown 


for each of your wae 


7020 SPECIFICATIONS 
Number of AC Power Output 4 (CPU 2, Peripherals 2) 


Maximum electric Control ISA 
Interface RS-232C 
AC Input (V) 90 - 132 
Frequency (Hz) 47 - 440 
Power Consumption (W) 3 


Dimension Hx Wx D(mm)_ 724 x 270 x 1774 


Weight (Kg) 2.5 


ISA's Model 7020 provides a system administrator 
the ability to automate the proper startup and shutdown 
procedures involved within the UNIX operating system, 
eliminating operator intervention. Combined with a UPS, 
the 7020 can handle the shutdown procedure in the event 
of a power failure. By customizing the shell script, the 
administrator can schedule the date and time a startup or 
shutdown is executed, and control the order in which the 
computer and peripherals are powered on. 


Call Texas ISA at 713-493-9925 
for current pricing and information. 
@ 


ISA Co., Ltd. 
Sunrise Shinjuku Bldg., 2-4-15 Okubo, Shinjuku-Ku, Tokyo 169 Japan 


Tel: 3 - 3208 - 1150 Fax: 3 - 3208 - 1335 
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Now, you have easy access to unlimited storage options. Bering — the preferred name in peripherals for Hewlett Packard computer 
users — provides a complete line of tape drives, removable cartridge drives, fixed hard drives and combination subsystems. You can 
count on Bering for compatibility, reliability, convenience and service. 


Our newest feature, standard on many of our models, allows conversion from HP:IB to SCSI interface with the simple push of a button. 
Migration to the latest SCStbased computer systems is easy and economical. Bering’s unique builtin dual interface switch allows the 
same drive to integrate with either interface. 


That's extra value, and yet another good reason to buy Bering. 


Convert between SCSI and HP-IB interfaces 
with the simple push of a button. 


4mm DAT/DDS 
Technology 


ECHO Series 

High Performance, high Capacity Rewritable 

26B DDS Tape Cartridge Backup = M io-Ontical 

Subsystem. Fast, efficient and cost SS agneto-Uptica 

effective. HP DDS compatible. SCSI and/or HP-IB interface. Tech nology = : 
OPTIPAC : — 
Series : 
Up to 128MB on 3.5-inch, or 
650MB to 1GB with 5.25-inch 


g Technol cartridges. Rewritable, Removable Magnet 
- PAM lecnne oy, combination with a fixed hard drive up to 500MB. SCSI and/or HP.IB. 
| ECHO Series Multifunction model also available. 


| High Performance, High Capacity 
- Tape Backup Subsystem. Up to 

| 5GB on an inexpensive cartridge. 
_| SGI and/or HP-IB interface. 


ernoulli® Technology 


MULTIPAC Series 


ingle or Dual, 4MB or 90MB Removable 
artridge Drive models. Available in combin- 
ion with fixed hard drive. HP-IB interface. 
_90MB model with SCSI and/or HP-IB. 


Winchester 

Technology me 

ECONOPAC II oe 
Series q arent 

High performance 80MB to 1.7 GB = ecnnology 
fixed hard drives for basic storage : sai MEGAPAC 
needs. HP-IB and/or SCSI interface. HP-IB drives are available with Serie S 


2.0MB FDD. Designed and tested to replace the discontinued HP9153C 


hard disk and floppy disk drives. Single or Dua, 44MB or 8BMB 


Removable Cartridge Drives. 
Available in combination with = — 
fixed hard drive. SCSI and/or HP-IB interface. 


HP 4000, 1000 and 3000 compeder tatir—_ 
the horace opliom oneal bi Me +4: POY ne 


™ Bering Industries, Inc. 
246 East Hacienda Avenue 
©1992 Bering Industries, Inc. Campbell, California 95008 
oe 800 237-4641 408 3;'9-6900 
Other product names are trademarks of their respective owners 
.. ..... ...... | 


fax 408 3 74-8309 
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UCSEDIFACTODETTE 


PURCHASEORDERINV OICECHARGEBACKRE QUESTFORQUOTECHARGEBACKFUNCTIONALACKNOWLEDGEMENTCOMPLIANCEERRORAUDITTRAILSCOMMUNICATIONSPASS 


WORDEDIIDEDIQUALIFIERINTERCHANGEGROUPTRANSACTIONSETVERSIONSEG MENTELEMENTSUBELEMENTSEPARATERTERMINATORMAPPINGLOOPINGCALCULATIONS 


LINESPEEDPROTOCOLTRADING PARTNERRELATIONSHIPAGREEMENTSBAUDRATEMODEMDEDICATEDLINEDIANLUP YESTHISISASUBLIMINALMESSAGEBU Y GENTRANPARTNERPROFILESCONTROLRECORDSUSEREXITSVALUEADDEDNETW ORK PARTNERDIRECTQUEUESPROCESSINGSTREAMSGENTRANFORUNIX 


Need glasses? 


Nope. 
You need GENTRAN 


The complete Electronic Data Interchange system 
for your HP 9000 and other UNIX platforms. 


Call 1 800 879-3341 and we’ll fax you more information. 


STERLING 
| SOFTWARE 


ORDERNET Services Division 


Sterling Software-The World's Largest EDI Solutions Provider. 
EDI Software ¢ EDI Network Services ¢ EDI Education & Training 
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Many PEOPLE MISUNDERSTAND how to set up serial terminal data 
communications in HP-UX. While there are tools such as sam! 
to help the system administrator set up terminals and modems, 
only an understanding of the programs involved allows the ad- 
ministrator to configure ports to work properly with certain ap- 
plications and to prevent confusing data displays. 


AN OVERVIEW OF THE PROGRAMS AND FILES 


The programs involved in terminal or modem connection 
are init and getty. These programs together provide the user 
with the gettydefs file, configure the serial ports, and start the 


user’s initial login process. 


Init 

Init is the parent of all the other programs on the system. If 
you execute ps -ef on your system, you will see a process iden- 
tification number (PID) and a parent process identification num- 
ber (PPID) for each active program. If you trace back the parent 
process and look at its PPID, you will find they all trace back to 
init, which has a PID of 1. 

When init first runs, it looks in the file /etc/inittab for the pro- 
grams to start. For terminal ports, the process to be scheduled 
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on each port is /etc/getty. This is done by having an entry in 
/etc/inittab that is of the form 
identifier:state:action:program to execute 


A sample looks like 
tt01:2:respawn:/etc/getty -h -t 60 tty0p1 9600 
where: 


The 7t01 represents the unique identifier. The man pages 
recommend that this be four characters, but fewer are permit- 
ted. Failure to make this unique will result in the program never 
being executed. 

The 2 is the run state. The default multi-user state is state 2. 
When running in single user mode (state s), this process would 
not be executed. Multiple states can be specified, such as 23, 
which would cause the process to be run in both state 2 and 
state 3. This can be useful in such situations as when the ad- 
ministrator might wish to disable certain ports during certain 
times. For example, one may wish to disable certain ports at 
night or prohibit modem access when processing paychecks. 
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ILLUSTRATION BY JOHN HERSEY 


getty and login 


By enabling all ports in state 2 and only certain ports in state 3, 
changing states by executing init 3 will disable any login at- 
tempts from those ports without the 3. 

The respawn tells init that if the process dies for any rea- 
son, it should be restarted. Thus when a user logs off and the 
shell disappears, init restarts (respawns) the getty process. If 
the user fails to log in within three attempts, login terminates 
and init also respawns getty. In either case, the system sig- 
nals init that its child process has terminated by sending it a 
signal 18. 

To disable a port, use an off instead of respawn. This allows 
you to keep the entry in the inittab file without it doing any- 
thing. 

What follows is the program to be executed and all its pa- 
rameters. For terminals and modems, the program getty is 
used. 


Getty 

/etc/getty is the process used to set up serial terminal and 
modem ports and to provide the initial login prompt. 

In the typical case, its parameters look like: 


/etc/getty -h.-t 60 tty0p1 9600 


where the -h tells getty not to reset the port before setting its 
speed. It is an optional parameter for hardwired? ports but re- 
quired for modem ports because resetting them prior to set- 
ting the speed can result in the port not working properly. The 
-t 60 option is useful but not required for modem ports. It re- 
quires that a successful login occur within the specified time 
period or the line will be dropped and the modem will hang 
up. This provides a measure of security. If a user cannot type his 
login name and password within the specified period, he either 
does not know what he is doing, or might be attempting to 
break into the system. A time of 30 to 60 seconds is typical. 

The ttyOp/ is the port to which the getty will attach. Getty 
will precede it with a 
/dev/ to create the full 
device name. 

If a port is not to be 1200 
used for login, e.g., a print- 
er port, a getty should 
NOT be set up on that 
port. Be careful that you 
do not set up multiple 


FIGURE 1 


#login: #2400 
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Typical getty entry 


#B1200 HUPCL IGNPAR PARENB ICRNL IXON OPOST ONLCR CS? CREAD 
ISIG ICANON ECHO ECHOK PARENB ISTRIP IXANY TAB3 SANE 
#B1200 SANE CS7 PARENB ISTRIP IXANY TAB3 


getty entries for a single port. This most often will occur when 
a user sets up a port as hardwired, then later decides to change 
it toa modem port. 

The last parameter, 9600, is probably the one most misun- 
derstood by system administrators. It does NOT represent the 
baud rate of the port but in fact represents a label in the /etc/get- 
tydefs file. 

The getty program sets up a terminal port, displays the con- 
tents of /etc/issue and issues the initial login prompt. When the 
user types a login name, getty invokes the login program which 
prompts for the user’s password. 


/etc/gettydefs 

The gettydefs file consists of records (see figure 1) which 
define port parameters and login prompt. Records are separat- 
ed by a blank line. Each record is organized as follows: 


Label # port parameters prior to login # port parameters after login 
# login prompt # next label 


Records can span multiple lines and may look like: 


Label # port parameters prior to login 
# port parameters after login 

# login prompt 

# next label 


The # does NOT represent a comment as it would in a shell 
command script. It is simply a field separator for the record. 
This sometimes confuses new administrators. 

The label field is an alphanumeric label from the getty com- 
mand line. While the number 9600 typically represents 9600 baud, 
other label names such as local, TERMS, Local96 might also mean 
the same thing. While it may be confusing, the 9600 entry might 
be a label pointing to a 2400-baud entry. The label is simply a 
pointer to the information for getty. As it turns out, in HP-UX, the 
label H, rather than the 
label 9600 should be used 
for 9600-baud hardwired 
terminals. 

What follows are the 
terminal settings that 
getty should set up prior 
to login. A typical entry 
might be: 


IAL st 


B9600 HUPCL CS7 PARENB HUPCL ISTRIP IXANY TAB3 SANE 


The different parameters are discussed in the man pages for 
stty so I will not go into detail on them now, but a few used in 
the other entries are significant for this article. 

CS7 — means that the port is set to use seven-bit data 
transfer. This is the HP default for all but the H and console 
entries. 

PARENB — means that parity checking is enabled. 

HUPCL — tells getty to send a hang-up signal to the port 
when it is closed. For modems, this will request the modem to 
disconnect. For hardwired ports, this has no effect. 

B9600 — this is the parameter that sets the actual baud rate 
for the port. 

The lack of a PARODD parameter means that even parity is 
set. To use 8 bit with no parity, change the CS7 to CS8 and re- 
move the PARENB. 

The next field contains the parameters to be set after login. 
Make sure that the parameters for baud rate, parity and number 
of data bits agree with the parameters used for the pre-login set- 
tings or unexpected results may occur. 

The following field is the login prompt field. While this gen- 
erally is login:, it may be changed. For example, the console 
entry has the prompt Console login: as its default. 

The last field is the label field that getty should use if the 
break? key is pressed prior to login. For the console, 19200 
and H entries, this is set to loop back to itself, which inhibits 
changing baud rates. For the others, they are set to cycle 
through baud rates from 300 to 9600 starting at the value 
specified by the appropriate label. ‘This is useful for modems 
where a user might connect at other than the initial speed. In 
this case, depressing the break key until a readable login: 
prompt is seen means that getty has now set the port to the 
same speed the user is using. For hardwired ports, this can 
cause problems. Accidentally powering off a hardwired termi- 
nal will result in sending a break signal. ‘The next time you 
power it back on, you will have to hit the break key until getty 
responds at the right baud rate. 

If you wish to change entries from the defaults provided by 
HP, I would recommend you add new entries rather than mod- 
ifying existing ones. Figure 2 shows an example of an entry for 
a directly connected 19200-baud terminal and one for a modem 
which is limited to the speeds 9600 and 19200. 

One very important act is to check your gettydefs file. ‘This 
can be done by executing /etc/getty -c gettydefs. 
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tibbt New gettydefs entries and sample 


inittab entries 


M9600 #B9600 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#B9600 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#login: #M19 


#B19200 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#B19200 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#login: #M9600 


#B19200 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#B19200 HUPCL SANE CS8 ISTRIP IXANY TAB3 
#login: #H19 


tty1:2:respawn:/etc/getty -h tty3p2 H19 
tty2:2:respawn:/etc/getty -h ttyd3p3 M9600 


MODEM CONTROL 

When getty is used with modems, you must remember to 
set up the port as a dial-in device rather than a hardwired one. 
Dial-in devices should have the name ttydxxx rather than ttywxv. 
While this is not an absolute necessity, it has become “standard” 
to define modem ports in this manner. 

When getty is used with dial-in devices, it will raise the Data 
Terminal Ready* (DTR)> signal to the modem to indicate that 
the computer is able to accept a connection. ‘The getty waits on 
the port in a “partially open” state allowing the port still to be 
used for outgoing traffic such as kermit, cu or uucp (bidirec- 
tional port)’. When a user dials in, the modem should be set to 
indicate that it has received a carrier from the user’s modem by 
raising its carrier detect (CD) signal. 

The presence of this signal causes the getty to make full con- 
nection with the port unless the port is in use with an outgoing 
program. When the user logs off, the DTR signal will drop (un- 
less you forgot to put HUPCL in the gettydefs entry), telling the 
modem to disconnect. If a connection is made and the user is 
running a shell or other program and all these programs termi- 
nate abnormally, the user will also be disconnected. Similarly, if 
the user’s telephone connection is abnormally terminated by 
disconnecting without logging off or by modem problems, the 
modem will drop CD and the system will abort the user’s pro- 
grams, effectively logging them off. 
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getty and login 


On some UNIX systems, you must use uugetty for bidirec- 
tional ports. Uugetty is not required on HP-UX systems ex- 
cept for bidirectional hardwired ports. Port contention is 
controlled by prioritizing requests, with connection requests to 
the hardwired device being highest, followed by dial-out® then 
dial-in. So if getty is waiting on a modem device in a “partially 
open” state and a dial-out connection is desired, the dial-out will 
open the device. When the modem asserts CD, the dial-out will 
see and respond to the signal and the getty will not make a con- 
nection, thus avoiding interference. 


TESTING A PORT 

Some simple tests can be done to verify ports. ‘The following 
is only a simplified list which demonstrate some of the things I 
have discussed in this article. 


Modem Getty Tests 

For modem ports, you can test for the “partially open” state 
on a getty by executing ps -ef | grep getty. On the modem 
port when there is no connection established, you will see a ? in 
the tty column of the ps output. If you observe the ttydxxx port 
name, you either are not using a modem port, have the wrong 
cable, or have,the modem misconfigured. 

Once a connection is made, and even before you log in, the 
getty entry will change from the ? to the port name. At this 
point, the getty is fully connected and any attempt to use the 
direct or dial-out device will result in a busy return from the sys- 
tem to the program attempting to acquire the port. 

Some simple tests that can be run are: 

1. Kill the getty when there is no connection and observe the 
DTR light on the modem. It should momentarily go off, then 
come back as the getty is restarted by init. 

2. When a connection is made and a user is logged in with the 
shell prompt, kill the user’s shell. You should see the DTR light 
drop as above and the user should be automatically logged off. 
3. When a new connection is made and a user is logged in with 
the shell prompt, have the user hang up his modem without log- 
ging off or just simply disconnect the phone jack from the 
modem. You should observe the CD light going off, followed by 
the DTR light, and the user should be automatically logged off 
the system. 

Failures of any of these tests are most likely caused by using 
the wrong cable, modem settings not being correct, not using a 
modem port, not using HUPCL, or a program or script trapping 
the hang-up signal from the system. 
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Baud Rate and Parity Tests 

Some simple observations can tell you if you have the wrong 
baud rate or parity. If you see characters that look somewhat 
recognizable like 


loOiY: 
instead of 


login: 


you most likely have a parity rather than a baud rate problem. On 
the other hand, if the output is totally unrecognizable but is about 
the right length, you probably are running at the wrong baud rate. 
Try hitting the break key until you see a proper login prompt. If the 
port is set up not to change baud rates, the garbage displayed will 
probably repeat exactly the same each tme you hit the break key. 


Post Login Test 

After logging in, if you think the parity setting 1s wrong or you 
want to find out what baud rate you are using, type stty -a. This 
will show the same parameters used in gettydefs except that 
they will be in lower case. 0 


John A. Pezzano is an HP Response Center Engineer in Atlanta, 
Georgia. Before moving to Atlanta, he spent seven years as an SE in 
the H1P office in El Paso, Texas, supporting HP-UX systems. 


1 In this text, I have used bold to indicate actual program, parameter or file names or for 
actual displayed information. | have used /talics to indicate that the information rep- 
resents an item rather than the item itself. 

2 | define hardwired ports to mean those ports directly connected to terminals, data 
multiplexers, or modems which do not utilize any signal lines other than the RS-232 
pins 2 and 3. 

3 On personal computers using terminal emulators, the user is usually required to use some 
other key or combination of keys to send a break. A break is not a character but is a 
200ms space. 

+The modem control signals described here are accurate only where CCITT is not 
used on the port. In the United States, CCITT is not used and it should not be en- 
abled. CCITT is enabled by setting an appropriate bit when setting up the port for 
modem control. 

5 D'TR usually is indicated on the modem by a light labelled TR. Not all modems have 
lights. 

6 ‘This is my name for this condition. It is also called “open pending”. It means that the 
“open” request blocks waiting for CD. 

7 Bi-directional indicates that the port can be used for dial out or hardwired outgoing con- 
nection when there is no active incoming connection. 

8 The dial-out device is usually designated culxxx. There may be another device file, 
cuaxxx, which is the autodial device, a holdover from modems used years ago where 
you had to provide modem commands on one line (the cuaxxx) and connected to the 
remote end on another (the culxxx). The cuaxxx device file should be set to a hardwired 
device. 
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Color 
Resources 


by 
Bill Hassell 


SEVERAL PEOPLE have been asking about 
the color resources for Irom versus laser- 
rom. In the classic laserrom, there were 
some 15-20 different color resources that 
could be specified either in the /usr/ 
lib/X11/app-defaults/ LAserrom file, lo- 
cally in .xrdb or the .Xdefaults files, or at 
runtime with the -xrm option. 

lrom has only a handful listed yet 
there are many, many colors used that 
are not accounted for in the man pages 
or the LRom file. The most obvious 
color definition not found is the back- 
ground for text windows such as the 
Library screen or the Reader window. 
The X resource for -bg or -background 
controls the frame around these boxes 
but the background behind the manual 
lists (Library window) is darker than the 
background color. 

The secret is that many of the unde- 
fined colors are developed from the pri- 
mary color, that is, the font background 1s 
a slightly dimmed version of the LRom* 
background resource. This is in accor- 
dance with current Motif programming 
style so there is no resource to control the 
font background. 

Should the color not be available (be- 
cause the display has run out of colors), 
the result will be black for a dimmed re- 
source. Thus, if you see lrom come up 
normally but the Library screen has the 
text for the manuals on a black back- 
ground, lrom was refused a color alloca- 
tion request (i.e., the old error: Could not 
allocate color xxxx) by the display so it.re- 
verts to black. 

The solution: get more memory 
planes for your display, or figure out 
what colors can be consolidated for the 
current set of applications. ‘This most 
often is a problem with 6-plane (64 
color) displays that are on older work- 
stations. 


Super-Drive CD-ROM Player 

The gauntlet was thrown down as 
NEC released its double-speed CD- 
ROM drive, rotating at twice the ‘stan- 
dard’ speed for CDs. Now Pioneer has 
announced a quadruple speed CD player, 
and it’s a6 CD changer too! 

The new DRM-604X has a SCSI in- 
terface, transferring sequential data from 
the drive at 600 MB/sec, four times the 
normal speed of 150 KB/sec. As men- 
tioned in previous articles, the 150-KB 
limit is imposed by the audio CD her- 
itage that CD-ROM discs share. 
Normally, one would assume that simply 
spinning the disc faster would be an easy 
solution. 

The problem lies with multimedia, par- 
ticularly interleaved sound where the sound 
is recorded in standard CD format. 
Rotating at high speed will cause a typical 
Alvin and the Chipmunks type of audio. 
By using large buffers and quick drive mo- 
tors, the disc speed may be adjusted quick- 
ly, thus keeping the high speed transfer 
rate for ROM data and the audio still intact. 
However, most CD-ROM applications 
are currently data-only, so audio (which 
can’t be shared) is not much of an issue. 

As previously reported, CD-ROM 
changers have been difficult to roll into 
multi-user situations, primarily because of 
the thrashing that can occur as multiple 
users attempt to read multiple discs. 
Change time was measured in 10-15 range, 
which made the problem even worse. 

However, the new Pioneer now 
changes discs in only 5 seconds, and cou- 
pled with the high-speed transfer rates, 
this product looks very attractive in terms 
of a multi-user disc system. 


Irom Bug for HP-UX 9.0 
This is to alert you that there is an in- 
termittent lrom crash when running on 
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laserrom/ux 


9.0 systems, the symptom is: 

From Reader window, select Library, 
double click to open a different book. The 
Reader window display does NOT get 
updated with the new book. After sever- 
al tries, lrom may terminate abnormally. 

‘The workaround is: Close the Reader 
Window(current book), then select an- 
other book to open. 

This problem has been fixed and will 
be rolled out in the next lrom patch 
release. 


True Blue Lasers in the Future 

Who would have thought that 600 
megs isn’t enough? Well, as the cost to 
reproduce and distribute massive quanti- 
ties of data continues down with the pop- 
ularity of the CD-ROM, it’s no surprise 
that someone is looking at increasing the 
data density for future CDs. 

Current CDs (audio or CD-ROM) use 
red beam lasers to read the data and the 
traditional 74 minutes of audio or 600 
megs of data has not changed since the 
late 70s, when CDs were first invented. 
Sony labs have been experimenting with 
a blue beam laser semiconductor that may 
some day allow audio discs up to 3 1/2 
hours on the standard 5-inch CD or 1700 
megs of data on the CD-ROM. 

Don’t hold your breath yet...the laser 
must be cooled with a liquid nitrogen bath 
before it turns on, so these new long play 
CDs are several years away for the con- 
sumer’s market. 


Custom CDROMs for 
Less Than $300! 

Costs of up to $1,000 to master a sin- 
gle CD-ROM have been common for the 
last year or so, but a recent ad in PC mag- 
azine from Isomedia (Redmond, WA) 
shows that it can be done for $269 for one 
disc. Just get your data onto tape and get 
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your CD-ROM back in 3 business days. 

No details about the format require- 
ments (i.e., cdfs format or just a DOS file 
system). For more information, call (206) 
869-5411. 


Low Cost CD-ROM Titles 
Walnut Creek CD-ROM is offering 

large collections of programs, source code, 

even pictures for as little as $25 each. 

Titles are: 

# 8,300 MS-DOS programs in many in- 
terest areas, $24.95 

= Hundreds of Windows programs and 
utilities, $24.95 

= PC source code CD, FORTRAN, 
Pascal, Modula, C, $39.95 

= Desktop Library: Historical documents, 
references, $39.95 

# OS/2 CD: 2,000 OS/2 programs, $24.95 

= GIFs Galore: 6,000+ full color pictures, 
$24.95 

# CD-ROM caddies (probably ‘Toshiba 
style) for $4.95 each. Call the distribu- 
tor at (510) 947-5996. 


Complete Street Atlas 

For only $99, you can get over $5,000 
worth of maps on a disc. Street Atlas USA 
uses XMap software to provide seamless 
maps for every state, locating the exact 
map by zip code, phone number, street 
or place. The control panel allows posi- 
tioning the map, zooming in/out, even 
clipping the image for printing. The pro- 
gram requires 3.x Windows with stan- 
dard VGA display. From DeLorme Map- 
ping, (207) 865-1234. 


PhotoCD Update 

Here is a summary of a list prepared 
by Kodak on CD-ROM drives that have 
been tested by Kodak for compatibility 
with PhotoCD. As usual, these are non- 
Kodak products so continued compati- 


bility is not guaranteed nor is compat- 
ibility guaranteed with every platform. 


VENDOR MODEL AND NOTES 
Phillips/ CDD461 with driver 1.03 or later 
Magnavox 

Sony CDU-6205 (XA external drive) or 


CDU-835 (XA internal drive) or 
CDU-7205 (XA CD-ROM library) plus 
CDB-X10 controller (XA compatible) 
af 
CDU-6211 


— 


private label SCSI external) or 
CDU-7211 (Sony label SCS! external) or 
CDU-541 (SCSI internal) plus 
CDSEXT SCS! adapter kit plus 
Future Domain CD-ROM driver (version 2.21) 
or 
Adaptec 1842BK SCSI card & software 
NEC CDR-73 or CDR-37 and NEC SCSI controller 
with NECCDR.SYS dated later than 4-92. 
ote: the new CDR-74 or CDR-84 multispin 
drives do not work at this time. 
CD Rom, Inc. CRI 1000i plus 
Trantor 1128 or 1130 SCSI controller PCA 
Trantor driver rev 1.46d or late 
Texel DM3024 (internal) or DM5024 (external) plus 
rantor 1128 or 1130 SCSI controller PCA 


—k 
— 


. 
Trantor driver rev 1.46d or later 
Toshiba TXM3301B (internal) or TXM3301E1 (external) 
p 
i} 
j 


rantor 1128 or 1130 SCSI controller PCA 
antor driver rev 1.46d or later 


The Toshiba 3301 drives are the same 
as HP’s A1999A or C2226A drives. 
However, there is no support software 
currently available for HP-UX platforms. 
The PhotoCD discs do not have a stan- 
dard CD-ROM file system, which means 
they won’t mount under HP-UX. i 


Bill Hassell, HP-UX System Support, 
HP Atlanta Response Center, 
e-mail: blh@hpuerca.atl.hp.com 
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Need a Workstation Now? 


Rent from Genstar for Overnight Delivery 


Meet your immediate and short-term needs. Stretch capital. And enjoy 
the latest technology from Hewlett-Packard, Sun, Tadpole and RDI. 


Smart managers know renting frequently offers more advantages than 
buying capital i ala eal You can customize a rental at Genstar — alll 
from an industry leader for more than 25 years. 


Why wait? Call Genstar now for answers on how to best meet your 
immediate workstation needs. 


GENSTAR J 
U.S. 1-800-422-3300 
Canada 1-800-387-6646 RENTALS 


What you need when you need it 
PCs, Workstations & Electronic Test Equipment for Business 
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cl, an X 
Programmer's 
Tool 


by 
Larry Headlund 
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DESIGNING AND copING Graphical User 
Interfaces (GUIs) is not the easiest task 
in the world, particularly in X’s “native” 
C. I say that C is the native language for 
X because X itself is written in C, and at 
this time most of the examples you will 
have to look at are also in C. Even after 
you make the paradigm switch to event 
driven-programming and understand 
what you can and cannot do, the process 
of programing itself presents some new 
difficulties. These include: 

® Graphical programs require rapid pro- 
totype development to get meaningful 
user input into the software develop- 
ment spiral. 

# Graphical programs must expect to be 
customized by the user. 

2 Graphical programming with the tool- 
kits (Xt, Athena, Motif) is hard, with a 
level of detail required some have com- 
pared to programming in assembly lan- 
guage. 

These challenges have evoked a num- 
ber of responses. 


Better Toolkits 

Here toolkits refers to a library that 
sits above the basic Xlib interface and sim- 
plifies development. Xt, Motif and 
OpenLook are the most famous exam- 
ples of these. Other toolkits either com- 
pete with these or build on them (or both) 
to provide easier development. These 
other toolkits may also offer platform in- 
dependence, with the same code running 
under some combination of Motif, Open- 
Look, Microsoft Windows, Macintosh, 
character terminals, etc. Commercial 
products like this include XVT, JAM, 
Neuron Data, etc. One noncommercial 
example is stdwin by Guido van Rossum, 
which runs on alphanumeric terminals, 
X, Macintosh, MS-DOS with a dumb dis- 
play, and the Atari. 


The cross-platform toolkits are on the 
horns of the following dilemma: If they 
offer only the features with equivalents 
on all supported platforms, the “greatest 
common denominator” approach, then 
they cannot take advantage of the features 
of the more powerful platforms. If they 
emulate the more powerful features on 
the lesser platforms, they are shouldering 
a large development burden and risk be- 
coming nonstandard (very Politically 
Incorrect for user interfaces) as the plat- 
forms evolve. 

When you choose a toolkit, you are 
getting married to it. Even when the tool- 
kit permits you to bypass it and work with 
the native toolkit, your infidelity will dam- 
age the advantages of the relationship. 


Non C Interfaces 

It is not written in stone that X pro- 
gramming be done in C. An existing lan- 
guage with advantages over C, or just with 
greater familiarity to its adherents, can be 
substituted. Perhaps the best known of 
the non-C packages is Interviews for C++. 
Other interesting interfaces include 
Winterp, an xlisp interface to Motif, Elk, 
a Scheme interface to several toolkits, ezd, 
another Scheme interface, wsh, a ksh in- 
terface, Python, a “new” language with 
an interface to the widget-set-indepen- 
dent toolkit stdwin, and GNU Smalltalk 
with an X interface. This is by no means 
an exhaustive list. Note that most of the 
examples mentioned above are interpret- 
ed languages, with the advantages and 
problems of same. 

A popular combination of toolkit and 
new language is ‘I’k, an X interface with its 
own “look and feel” based on the TCL 
language. Tk is not built on Motif, but 
projects built with it look a lot like Motif 
to the user. 

The question is, is it worthwhile to 
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learn a new language just to do GUI pro- 
gramming? Integration of existing code, 
for example for data base access, may be 
a problem. 

Most of these languages have meth- 
ods for adding C hooks but a heteroge- 
neous environment may be a problem for 
you. Some say the paradigm shift to GUI 
programming is an excellent opportuni- 
ty to expand your vision with a new lan- 
guage. Others argue that this is one 
strangeness to many. If you have a large 
investment in C tools or if your organi- 
zation has standardized on C, switching 
languages may be difficult. 

If you already use one of the above lan- 
guages, don’t stop reading now! Wel is 
not chained to C. 


Specialized Languages 

In the tradition of 4GLs (Fourth 
Generation Languages) developed for data- 
base access, some specialized languages for 
GUIs have been developed. ‘These aim to 
abstract the essential functions of GUIs 
and have the programmer deal with the 
interface at a higher level. Some of these 
languages are interesting in their own right, 
although too many commercial 4GLs have 
strained mightily only to deliver an infe- 
rior rewrite of COBOL. For that matter, 
many of the arguments for 4GLs (Plain 
English! Nonprogrammers develop ap- 
plications! So simple even management 
can do it!) are the same ones that were ad- 
vanced for COBOL. This is not to run 
down COBOL, which has proved very 
useful and is still evolving, but to criticize 
the wannabees. 

Specialized languages face the same 
arguments advanced against the not-your- 
standard languages above. Also, C, C++, 
Scheme, Lisp, etc. have acquired sup- 
porting tools, libraries, example code, 
working programs, introductory and ad- 
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vanced textbooks, and the other accou- 
trements of well-understood languages, 
which are not lightly discarded. 


WYSIWYG Design Tools 

What You See Is What You Get de- 
sign tools replace the coding of the ap- 
pearance of an application with drawing. 
Typically you design an interface by 
choosing from a palette of interface ele- 
ments and positioning it directly on the 
screen. The WYSIWYG may generate a 
C program, an app-defaults file, a spe- 
cially formatted interface specification file, 
or some combination of the above. The 
designer gets immediate feedback on his 
design, and this technique is much faster 
in developing an interface than straight 
coding. WYSIWYG tools are available 
for or bundled with many specialized lan- 
guages and custom toolkits. 

The disadvantage of WYSIWYG pro- 
gramming is What You See Is All You 
Get. That is, if the object you want to use 
is not on the palette, you can’t use it from 
inside the tool. Some designing tools let 
you add new objects, with greater or less- 
er difficulties. Usually you don’t have full 
access to the toolkit from within the tool. 
That is, there are some things you can do 
easily from within the toolkit that you 
can’t do using the tool. The example I al- 
ways try is creating a selection dialogue 
with the list unmanaged. I haven’t run 
into any WYSIWYG tools that can do 
this. It may not be possible with some 
tools to add your own or new widgets. 

If the WYSIWYG tool generates its 
own specification interface file in its own 
format, you will need an interpreting en- 
gine on each target platform. ‘This may 
be expensive or unavailable for the par- 
ticular platform you are interested in. 

If the WYSIWYG tool generates C 
code, it may not be structured to match 


your standards, in all senses of the word 
standards. It may not allow you to mod- 
ify the generated code and then have the 
tool work with the modified code as part 
of the development spiral. 

If the tool generates an intermediate 
language, then the objections to yet an- 
other language and the possible problems 
of generated C code both apply. 


Wcl, the Widget Creation Library 

I would like to be able to say that Wel 
gives you all the advantages of any of the 
above approaches with none of the dis- 
advantages. I can’t, but it is adamn good 
tool anyway. 

Wel extends the functionality of the X 
resource file to include not only the ap- 
pearance of existing widgets but the cre- 
ation of widgets, their type, and the 
binding of callbacks. With the exception 
of the callbacks themselves, the entire ap- 
plication may be specified inside of Wel. 
Wcl is widget-set-independent. It works 
with and examples are provided for Motif, 
Athena, and OpenLook. 

Welis language independent. It is writ- 
ten in C and perhaps that is the most “nat- 
ural” way to use it, but interfaces have 
already been written to it with C++ and 
Tcl, with strong rumors of Perl and 
Scheme interfaces upcoming. 

Welis popular. This means that there 
are lots programs using it and that when, 
for example, Bellcore released their Xbae 
spreadsheet widget, they included inter- 
faces and sample programs using Wcl. 
There is even a WYSIWYG tool called 
Dirt by Richart Hesketh, which gener- 
ates Wcl resource files. 

Wel is efficient enough and has low 
enough overhead that the prototype writ- 
ten with it can be the finished application. 

We<lis not a complete language. It does 
not have branching or loop constructs, for 
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example. You would have to code your 
callbacks in another language. It does in- 
clude sample callbacks, which allow you, 
for example, to execute a shell command, 
such as starting another program. 

Wel is available in the MIT X contrib 
and the other usual anon ftp sites. 


To Be Continued 

Next time I will go into detail about 
how to use Wel and its many advantages. 
If I’ve aroused your interest enough so 
that you want get it off the ‘net and try 
it, this warning: If you are running HP- 
UX 8.x ona 4xx or 3xx with Motif1.1 and 
X11R4 from HP, versions of Wcl above 
1.04 may dump core when using the 
Motif libraries. Wel 2.xx requires X11R5 
for its template functionality. It may well 
dump core with the Motif widgets. Wel 
2.x runs fine with X11R5 and the Athena 
Widgets under 8.0. 

So if you are in the following envi- 
ronment: 


9000/3xx or 9000/4xx 
HP-UX 8.x 

X11R4 from HP 
Motif1.1 from HP 


get Wel 1.04. The features of Wel 2.x are 
very nice, but 1.04 is a useful tool on its 
own. 

The code referenced below is available 
from export.lcs.mit.edu in the contrib di- 
rectory. 
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HA. ociness Is... 


A Secure 
Computer 


by 
R. Arthur Gentry 


Most usERs NEW To THE UNIX wor tp find it confusing and complicated, and one of 
the most overlooked items is system security. This column will outline some of the sim- 
plest, yet most overlooked, procedures that help make a UNIX system more secure. 
1. If your system is not in a secured environment, then stop reading here. No amount 
of software security will be able to stop a physical invasion of the system. Multi-user 
computer systems should be in a secured and controlled environment. How secured? 
The answer to that is, how much risk are you willing to accept, and what is the cost 
to your business should the data stored on your systems be compromised? It can range 
from something as simple as a key-locked room (properly air-conditioned, of course) to 
retina and voice print identifiers with armed guards. Again, you need to balance the cost 
of providing physical security against the cost of lost, altered, or stolen company data. 
2. Immediately upon acceptance of a computer system from a vendor (or now, if you 
haven’t already), change all of the passwords in /etc/passwd. Id’s that are needed for sys- 
tem reasons but are not needed as actual logins should have their passwords disabled 
by replacing the encrypted password string with something like NONE, NOWAY, *, 
NP or the like. Id’s such as powerdown, bin, sys, setup and others should be disabled. 
3. Invoke password aging for ALL logins except root, uucp, and nuucp, which should 
be changed manually on a regular basis. Password aging is invoked by placing a “,” 
(comma) and a pair of codes following the encrypted password. The /etc/passwd entry 
would look something like this: 


ed:130sSjf8/dSx,A/:101:1:Ed Smith:/usr/ed:/bin/ksh 


The code A/ tells the login process that this password must be changed every 12 
weeks (A) and that it can only be changed once a week (/). 


In a system that has implemented the /etc/shadow file format, the entry would look 
like this: 


ed: i30s$jf8/dSx,7820:7:60 


Field #1 is the user’s id, #2 is the encrypted password, #3 is the last date the password 
was changed (in days since January, 1970), #4 is the minimum number of days the pass- 
word must be in effect before being changed again, and #5 is the number of days this 
password can remain in effect. The password entry in the /etc/passwd file is replaced 
with an asterisk (*). ; 

The time permitted between required password changes should be long enough to 
not aggravate users yet should provide necessary security for the system. Suggested 
guidelines allow one month for logins with access to restricted data, two months for sen- 
sitive data, and three months for noncritical applications. 

4. Verify that the file permissions for /etc/passwd are read only (i.e., r--r--r--) and that 
the file is owned by root. 

5. While on the subject of logins and passwords, don’t forget to look over the Systems 
and Permissions files in /usr/lib/uucp. 

To start off, both of these files should have read permission only for the owner (i.e., 
[-------- ), and both files should be owned by uucp. 
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6. Systems entered in your Systems file should be verified on a 
regular basis for accuracy and necessity. Delete any entries that 
are no longer needed, and verify that the system you think you 
are calling really is the system you are calling! 

7. Regularly change the passwords for your uucp and/or nuucp 
logins. This means talking (yes, TALKING, do NOT e-mail 
passwords!) to the remote system administrator, so he or she 
can change the password in their Systems file. 

8. One of the most common security problems I encounter in 
UNIX systems is in the Permissions file. Most people leave in the 
default entries, which generally allow a system to initiate a wucp 
file transfer to your system to read or write any file that has world 
read/write permission. For example, a system could come in and 
take a copy of your /etc/passwd file, since the file has world read 
permission. ‘To prevent this, use the NOREAD, READ, and 
WRITE variables in the Permissions file. A typical entry might 
be the following: 


NOREAD=/etc:/usr/lib/uucp \ 
WRITE=/usr/spool/uucppublic 


‘These entries will allow systems to read any file that has world 
read permission, from any directory on your system, except /etc 
and /usr/lib/uucp; and to write files only into the directory 
/usr/lib/uucppublic. You can, of course, restrict the access even 
more by specifying additional directories in the NOREAD vari- 
able or by setting the READ variable to only those directories that 
you want read from. 

9. File permissions are another area most people don’t think 
twice about. A good rule of thumb is there should be no files on 
the system with world write permission, with the exception of tmp 
files. Any file that has world write permission can be modified or 
deleted by anyone. User-owned files should have read, write, 
and execute (if appropriate) for the owner, with group and world 
permissions set as needed. One way to set this by default is by 
using the umask command in /etc/profile. This command works 
as a binary or against file permissions of 777, or read, write, and 
execute for everyone. By setting umask to 027, default file per- 
missions are now 750, or read, write, execute for owner, read 
and execute for group, and nothing for world. 

10. Check directory ownerships and permissions. Root should 
own all file systems, with file permissions set to 775. Group own- 
ership should be set by the file system type, i-e., bin should be the 
group owner of /bin, sys should be the group owner of /etc and 
so on. Individual user directories should be owned by the user, 
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with permissions set for 755 or tighter. 
11. Individual user “.” (dot) files, such as .profile, should have read 
and write permission to the owner only. This prevents someone 
from possibly sticking a Trojan horse program into a user’s file. Be 
careful when changing ownerships of the root user dot files; issu- 
ing the command chown user .* will also change the ownerships 
of the parent directories. 
12. Invoke a method of forcing inactive users to log off the sys- 
tem. Many a time I have wandered through an office and seen 
unattended terminals logged into applications. There are sev- 
eral ways to activate automatic log off, depending on your ven- 
dor’s software capabilities. You can also write a script that will scan 
for inactivity and force a user off. This script should be placed in 
root’s crontab entries to run every 30 minutes or so. Scripts for 
doing this can be found in most UNIX system administration 
publications. 
13. Immediately deactivate any logins of employees who leave 
the company. The easiest way to do this, without losing any data 
that may be in their directories, is to replace the encrypted pass- 
word entry with the word NONE. 
14. Each time you install an operating system update, or upon 
an initial installation, create a list of known programs that have 
been suid to root. The easiest way to do this is with the find 
command. 

The command 


find / -perm -4000 -user root -exec ls -al {} \; 


will give you a list of all files on your system that will run as root, 
no matter who runs them. This list should be compared against 
a known good list on a regular basis. Any program that is not 
known to be needed as being suid to root should immediately be 
suspect and investigated. More Trojan horse programs are cre- 
ated this way than any other. At the same time, verify the last 
modification date and file size with your known good list. It is very 
common for someone to modify a normal system utility so that 
it does a not-so-normal function. 
15. Another easy-to-implement security measure is to force 
screen clearing at log-off time, preventing a user from leaving pos- 
sibly proprietary information on the screen when they log off. 
Screen clearing is easily accomplished using the trap com- 
mand in /etc/profile. The command trap "‘tput clear’" 0 1 
will clear the screen whenever the user exits the shell or sends a 
hang-up signal to his process. This assumes that the user has 
properly defined his terminal type at login time. 
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16. Probably the most important security measure, and the most 
misunderstood by users, is backups. As a system administrator, 
your most important job is to assure that adequate backups exist 
for all your systems. I have yet to meet an administrator who 
hasn’t thought they could get away with not doing backups one 
time and paid for it dearly later. 

Besides having a good set of backups on-site, it is important 

to keep a current set off-site as well; if your computer site goes 
up in flames, doing backups regularly will do no good if all the 
sets are in the same place. Ensure that the off-site set is secure 
from unauthorized personnel. 
17. Another place to check file permissions and ownerships is 
/ust/spool/cron/crontabs. All files in this directory should be 
read only to the owner. Also, pay close attention to entries in 
crontabs files root, sys, sysadm, and bin. When these cron jobs 
execute, they run as the owner, which means that any job that runs 
from root’s file has root’s permissions. 

This elementary description provides some simple sugges- 
tions for making your systems more secure. This list could go 
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on another 20 pages, addressing problems associated with net- 
works, databases, dial-in modems, X.25 networks, and so on. 
The solutions can also go on, depending on the capabilities 
and uses of your systems; some system vendors have imple- 
mented C]2 security measures that, if taken full advantage of, 
will make your system quite secure, plus give you the ability 
to audit users’ actions. 

The real keys to system security are in the hands of you, the 
system administrator. User education, a watchful eye, and com- 
mon sense will prevent most amateur intrusions. But don’t for- 
get the number-one rule of security—the only totally secure 
system has no terminals, modems or printers on it. In a normal 
environment, there is no such thing as a totally secure system, only 
systems that are more secure than others. i 


Art Gentry is president of Gentry and Associates, a computer con- 
sulting firm, specializing in UNIX system administration, man- 
agement and security, located in Excelsior Springs, Missouri, and 
can be reached at 816-637-2443. 
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tion consulting, and data acquisition systems for manufac- 
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Kelly Computer Systems 

Manufacturer of performance products: RAMDISC, 
Spectrum memory, Classic memory, and PC and LaserJet 
memory. CPU upgrades also available. Phone: (415) 960- 
1010/Fax: (415) 960-3474. 


Martech 

Highest quality solutions at the lowest price available. 
Complete line of memory products for HP 9000, 3000 and 
1000 computers. Also RAM for Apollo Domain Series 2500- 
5500. Phone: (800) 582-3555/Fax: (818) 284-3092. 


Puzzle Systems Corporation 

Founded in 1989, Puzzle Systems Corporation specializes 
in high-pertormance, reasonably priced UNIX/ NetWare 
interoperability products. Phone: (408) 779-9909/Fax: (408) 
779-5058/E-mail: jal@puzzle.com 
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SOTAS International, Inc. 
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Sterling Software 

Sterling Software, the worldwide EDI software and net- 
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Technical & Scientific Application 

Call TSA for new, used, and remanufactured HP equip- 
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for the Hewlett Packard 9000 series 200/300/400/700/800 
workstations and file servers. ISA is the first company in 
the world to provide W.O.R.M. type optical storage sys- 
tems for the HP user. Phone: (713) 493-9925/Fax: (713) 
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‘TransEra Corporation 

TransEra’s HTBasic HP 700 Version allows you to run 
your HP 9000 Series 200/300 application on your HP 700 
Workstation. Phone: (801) 224-6550/Fax: (801) 224-0355. 


Tryonics Inc. 

Tryonics Inc. is a provider of quality remanufactured 
HP/Apollo, Apollo Domain series workstations, spare 
parts, network and software consulting services. Call (800) 
551-6236/Fax: (603) 427-6843 


Walker, Richer & Quinn, Inc. 

WRQ (Walker, Richer & Quinn, Inc.) develops and mar- 
kets Reflection software—PC products for terminal emu- 
lation, networking, and development tools. Phone: (800) 
92 NETWORK/Fax: (206) 322-8151. 
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s HP-UX systems are moving into the main- 


stream commercial data processing environ- 
ment at an accelerating rate, more and more 
mission-critical applications are running on 
HP 9000 systems. These applications and related data- 
bases of information have become one of the most 
valuable and non-replaceable assets for many corpo- 


rations. As with all other company as- 


Maintaining a Secure 
Environment Requires 
The Full Commitment eiimnteoneeiE 
Of All Involved Very often security is an after- 
by Chris Hauck thought when we are installing or 


maintaining a system. The key to suc- 


sets, protecting the integrity and privacy 


of this information is, or should be, of 


cessfully maintaining a secure system is to begin with 
an understanding of the key issues facing the securi- 
ty/system manager and the available means of secur- 
ing the system. Only then can an adequate, effective 


security plan be developed and implemented; other- 
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wise it’s like trying to hit a moving target in the dark. 
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This article begins with a discussion of general commercial se- 
curity requirements, outlining the concerns and issues facing most 
security and system administrators today. These issues are then dis- 
cussed as they relate specifically to the HP-UX environment, with 
a presentation of available security controls, monitoring tools, and 
potential areas of vulnerability. With a number of shops now op- 
erating in a mixed MPE and HP-UX environment, this article 
also relates HP-UX security controls and concepts to the MPEAX 
operating environment. 


Introduction 

System security planning is very simi- 
lar to an insurance policy; until something 
is lost, stolen or damaged, it is just a cost- 
ly expense and an inconvenience for an 
organization. Often overlooked during 
system implementation and planning, sys- 
tem security is typically implemented hap- 
hazardly at best. Initial efforts at securing 
a system become ineffective after on-going 
system maintenance and management ac- 
tivities are performed. Controls and secu- 
rity measures implemented in the past do not keep pace or are not 
updated to accommodate newer applications, network connections 
and client-server implementations. This often leaves gaping holes 
in the security of the systems, holes which could cost an organi- 
zation a considerable amount of money due to loss of data (through 
either malicious or accidental acts), and loss of business (through 
temporary loss of computing facilities), resulting in a general loss 
of credibility in the industry. 

Security is a risk. And just like all risks encountered in doing 
business, the risks can be managed to avoid these potential security 
hazards. Implementation of procedure modifications, opera- 
tional changes, and additional controls can assist in reducing 
these risks (as in managing any risk, the cost of avoidance must 
be weighed against the potential threat/consequence). The greater 
the value of the information being processed, the greater the 
need to implement controls to restrict access, monitor activity, 
and audit modifications. This involves a commitment by all lev- 
els of an organization, with a security plan detailing goals and poli- 
cies set forth by the upper-level management. This security plan 
should: 
= Identify the goals and objectives of implementing security 

policies and procedures 
= Detail the current operating environment (hardware, software, 
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data, networking, etc.) and value to the organization, identi- 
fying need for privacy and integrity 

= Review existing security controls and policies 

= Identify general security requirements, guidelines, and policies 

= Identify areas of vulnerability and necessary controls to mini- 
mize the risk 

= Establish an implementation schedule for additional controls 
and on-going audit procedures; assign responsibilities for in- 
formation security along with account- 
ability policies 

= Identify necessary training programs for 
various groups within the organization 


The UNIX operating system was de- 
veloped at Bell Laboratories by pro- 
grammers, for programmers. Security of 
the system and files was not a major con- 
cern since all access was either by an in- 
dividual or by a local development team. 
UNIX has traditionally been utilized in 
this type of “open” atmosphere, with al- 
most every user having access to any file 
or resource of the system. In addition, there has been quite a bit 
of information published about the internal workings of the op- 
erating system, networking capabilities, and potential security 
holes in the system. This widespread knowledge of the “bowels” 
of UNIX has contributed to its reputation as an insecure oper- 
ating system. Outside of Bell Labs, UNIX became popular in 
many universities, and gradually during the past decade, UNIX- 
based systems have permeated mainstream commercial data pro- 
cessing environments. During this period of many years, countless 
new features and utilities have been added to the core operating 
environment. Included in these developments are features de- 
signed to enhance the security of the system and files; however, 
very often these facilities go unimplemented. 

When the word “security” is mentioned, the term that fre- 
quently comes to mind is “hacker.” The media have publicized 
a number of both fictional and real-life computer security breach- 
es over the past few years, popularizing the hacker role in the 
movie War Games. Although these types of concentrated attacks 
to break the security of a system certainly exist (as evidenced by 
the 1988 Internet “worm,” the 1986-87 international Internet 
computer break-ins, and the various viruses and Trojan hors- 
es), evidence suggests that the greatest potential threats lie with- 
in an organization: through current employees or ex-employees 
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attempting to access unauthorized information, lack of effective 
data backup procedures, or unintentional modification or de- 
struction of data due to carelessness or lack of understanding. 
In order to begin to understand the potential vulnerabilities 
of your system, it is worth considering the types of security “at- 
tacks” that may be waged. In a broad sense they can be catego- 
rized as either: 
1. Attempting to access (logon) an unauthorized system or user 
id, or 
2. Attempting to access (read/modify/execute) an unauthorized 
file, database or executable program. 


Controlling System Access 

Keeping unwanted users from knowing about your system 
and logging on is more than half the battle in securing the sys- 
tem. Once an unauthorized user signs on, the possibilities for 
causing some type of damage greatly increase; therefore, it is 
at this point that a good portion of the effort involved in main- 
taining a secure system lies. With the development of sophis- 
ticated networking protocols and services, and the proliferation 
of systems attached to corporate, metropolitan, and global net- 
works (such as the Internet), identifying a list of accessible sys- 
tems has become a trivial task, even for the UNIX novice. 
Published lists of systems, including logons for non-privileged 
file transfer (FTP) access are widely available on nearly every 
bulletin board and even on the Internet systems themselves. 
Even if a system is not directly connected to the public net- 
working environments, most multi-user business systems have 
some type of local area network or modem access available, 
and all have directly attached terminal or X-window devices. 
This minimizes the challenge for a potential intruder, and 
places the full burden of identifying permissible users of the 
system squarely on the shoulders of the security administra- 
tor(s) and/or system manager(s). 

Prevention of a problem by restricting access is very often many 
times less costly than attempting to deal with the problem after the 
fact. Controlling access to the system’s hardware, networking ca- 
pabilities, and user ids is the first line of defense. Devices such as 
call-back modems, address filtering bridges and routers, and net- 
work service restrictions can assist in controlling who may access 
a system; however, this article will focus on the UNIX operating 
system level controls and security functionality available to the 
security administrator. Exploration of the security controls in- 
volved in a networked environment is beyond the scope of this 
system-level introduction. Very often, implementing a basic set of 
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security provisions and policies along with continual monitoring 
for compliance will provide the greatest incremental improve- 
ment in overall system security and integrity. 

With regard to controlling system access, these basic securi- 
ty provisions relate to: 
» Password protection 
# Default Accounts (user ids) 
# Obsolete Accounts 
# Login scripts 


Password Protection 

In order to determine whether or not a person should be al- 
lowed access to a system, some method of identifying that per- 
son is required. Sophisticated techniques (such as retinal scans, 
voice prints, and finger prints) have been implemented to veri- 
fy a person’s identify, but these also have some limitations due to 
costs, complexity and today’s distributed environments. Passwords 
remain a cost-effective, generally available, and if properly ad- 
ministered, fairly reliable means of identifying a user, based upon 
that person’s knowledge. Also, combinations of passwords and “se- 
curity cards” can further enhance the effectiveness of user iden- 
tification and authentication. 

With UNIX (and HP-UX, Hewlett-Packard’s implementa- 
tion of UNIX), user account information, including user name, 
user id, group id, password, comments, home directory and start- 
up program are maintained by default in the file ‘/etc/passwd’, for- 
matted as follows: 


$ more /etc/passwd 

root:/7v48qzZbiEhok:0:3::/:/bin/ksh 

daemon: *:1:5::/:/bin/sh 

bin:*:2:2::/bin:/bin/sh 

adm:*:4:4::/usr/adm:/bin/sh 

uucp:*:5:3::/usr/spool/uucppublic:/usr/lib/uucp/uucico 

Lp:*:9:7::/usr/spool/lp:/bin/sh 

hpdb:*:27:1:ALLBASE:/:/bin/sh 

tftp:*:77:10:TFTP daemon:/usr/tftpdir:/bin/false 

ppluser:*:80:10:ppl user:/usr/tftpdir:/usr/bin/ppl 

bsmith:rqSCr405ystZY:502:21:Bill Smith,555-1234,555-5678: 
/users/bsmith:/bin/sh 


General format: 


<username><encrypted password><user id><groupid><comments> 
<HOME directory><startup program> 
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User id and Group id are numbers associated with a user at 
login time, based upon the supplied user name. The password is 
stored in the file using a one-way encryption algorithm. During 
the login process, after the user specifies a user name and pass- 
word, the system performs a one-way encryption on the sup- 
plied password and verifies both the user name and encrypted 
password against the /etc/passwd file entries. If they match, the 
login process continues by executing any login ‘scripts’ (a se- 
quence of operating system command interpreter or ‘shell’ com- 
mands stored in a file) defined by the system administrator and/or 
user. The user and group id’s are used by the UNIX file system 
in establishing file-level access controls. 

A special user id of zero (0) identifies the user as a “super- 
user” to the system. This is analogous to System Manager or 
SM capability in the MPE/iX operating system of the HP 3000 
computer family. Unlike MPE, which allows specification of a 
“capability list” to users/groups/accounts, UNIX provides only 
two type of accounts: root (or super-user) and everything else. 
Super-users can access (read/write/execute/delete) any file in 
the file system. In an operating state known as a “trusted sys- 
tem,” the super-user is also capable of maintaining the security 
and integrity of the system. The HP-UX operating system lim- 
its execution of many system management commands to super- 
users (such as adding new users, removing users, establishing 
login startup scripts, kernel configuration/modification, etc). 

A person attempting to gain illegitimate access to a UNIX- 
based computer system will likely attempt to gain super-user 
privileges. Once gained, the damage or access to confidential 
data is nearly limitless. The user name ‘root’ is similar to ‘MAN- 
AGER.SYS’ on the 3000, in that it is the user id with the most 
capability, and exists on every UNIX-based system. Consequently, 
access to the root password should be restricted to the mini- 
mum set of individuals, and changed frequently. 

The ‘root’ user name is generic and does not uniquely iden- 
tify an individual, especially if the logon password is known by 
more than one person. ‘Therefore, the better method for gain- 
ing root access to the system is to have those individuals log in 
to the system using their unique non-root privilege user names, 
and using a UNIX facility called ‘su’, or switch user, to gain root 
privileges temporarily when necessary. su allows a logged-in 
user to switch to a new user id and group id without logging off 
and on again. If the current user id is non-zero (not root privi- 
leges), the person must specify the password of the requested 
user name. ‘The advantage of using this technique versus directly 
logging on as ‘root is that the su command can optionally log into 
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the file ‘/usr/adm/sulog’ both successful and unsuccessful at- 
tempts to switch user (if the file exists within the system). This 
provides an audit trail for users gaining access to root or any 
other user id via the su command. The file /usr/adm/sulog con- 
tains the date/time, success or failure (+/-), terminal device, and 
original-destination user names, as shown below: 


$ whoami 

jshoe (our current user name) 

$ su root (now switch to user 'root') 
Password: 


# more /usr/adm/sulog (examine the su log file) 
SU 04/20 09:41 + ttyu0 msmith-root 
SU 04/22 16:18 - 


SU 04/22 16:37 + 


ttyp3 bmiller-root 
ttyu0 jshoe-root 
(log of our su access to root) 


By default, HP-UX passwords must be constructed to meet 

the following requirements: 

# Each password must have at least six characters. Only the first 
eight characters are significant. 

# Characters must be from the 7-bit USASCII character set; let- 
ters from the English alphabet. 

= Each password must contain at least two alphabetic characters 
and at least one numeric or special character. In this case, “al- 
phabetic” means uppercase and lowercase letters. 

= Each password must differ from the user’s login name and any 
reverse or circular shift of that login name. For comparison 
purposes, an uppercase letter and its corresponding lowercase 
equivalent are treated as identical. 

# New passwords must differ from the old one by at least three 
characters. For comparison purposes, an uppercase letter and 
its corresponding lowercase equivalent are treated as identical. 


The objective in choosing a password is to make it as difficult 
as possible to guess, while also making it meaningful enough for 
the user to remember without the need to write it down. Passwords 
must be kept secret at all times, since it is the limited knowledge 
of other users that allows us to identify uniquely a person re- 
questing access to the system. Sharing user ids and passwords 
among a group of users should be avoided, if at all possible. Not 
only does sharing defeat the purpose of attempting to identify a user 
uniquely, and limit the effectiveness of activity audit trails, but the 
task of changing a password is much more difficult and often is a 
reason why some passwords are never changed, since all persons 
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sharing the password must be notified. 

Password security is the responsibility of the security ad- 
ministrator and every user who has a valid user id on the sys- 
tem. At the time a user is added to the system, a password should 
be assigned by the system administrator. Every user should have 
a unique user id (uid) and should have the same uid assigned for 
each system for which he has a login id (this simplifies file access 
management in an environment utilizing NFS — Network File 
System). To verify that there are no duplicate user ids defined in 
the /etc/passwd file, perform the following: 


$ sort -t: +2n /etc/passwd |\ 

> awk -F: 'Cif (duplicate == $3) print $1 " " uname; uname = 
Sie \ 

> duplicate = $3}! 


Under HP-UX, the individual user has the ability to change his 
or her own login password by using the ‘passwd’ command. After 
prompting for the current password, the system requests a new 
password twice, once for verification since the user’s typing 1s not 
echoed to the display. The super-user is permitted to change any 
user password on the system, or can remove a password by sim- 
ply pressing return when prompted for the new password. 
Even though the passwords in the file are encrypted and not 
able to be decrypted, theoretically, someone who had access to 
the encryption algorithm used by the operating system and a list 
of the encrypted passwords from a system (simply a copy of the 
/etc/passwd file) could write a program to try many combina- 
tions of words in an attempt to find a matching encrypted pass- 
word (in fact, this technique has been used to crack passwords 
on many systems). Even though there are a large number of 
combinations of the available letters and special characters, very 
often only a small subset is actually used — drastically decreas- 
ing the total number of possibilities. Since it is possible pro- 
grammatically (using the standard utility /usr/lib/makekey) to 
test a large number of passwords against the encrypted pass- 
words stored in the /etc/passwd file (such as all the words in 
the dictionary), here are some additional guidelines in choosing 
a password: 
= Do not use any form of the words from the comment field 
portion of the /etc/passwd file. 

= Do not use a spouse’s or child’s name. 

# Do not use simple keyword sequences such as “1 qwerty.” 

= Do:not use other data easily obtained or known about you 
(such as nicknames, favorite foods, activities, sports, teams, 
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characters, car models, etc). 

# Do use a password with mixed upper and lower case letters. 

= Passwords should never be stored as part of a file on the com- 
puter, either on the UNIX system or a PC terminal emula- 
tor application logon script. 

= Do use a password that is easy to remember. ‘T'ry misspelling 
words, or making nonsense words from multiple syllables. 
“Pass-phrases” are good — choosing the first letter from each 
word in a phrase, e.g., “All men are created equal” yields 
“Amace9”. 

= Force users to change their passwords on a regular basis. 

= Every user id defined in /etc/passwd should have a password. 

« Entries in /etc/passwd for place holder or no-user accounts 

), and if possible a 
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should have an impossible password ( 
startup program of “/bin/false”. 


After making any changes to either the /etc/passwd or 
/etc/groups files, use the HP-UX utilities pwck and grpck to 
scan the files and report any inconsistencies. The checks in- 
clude validation of the number of fields, login name, user ID, 
eroup ID, and whether the login directory and optional pro- 
eram name exist. 

Password aging is put in effect for a particular user if his en- 
crypted password in the password file is followed by a comma and 
a non-null string of characters. (Such a string must be intro- 
duced in the first instance by the super-user.) This string de- 
fines the “age” needed to implement password aging. The first 
character of the age — such as ‘M’ — denotes the maximum 
number of weeks for which a password is valid. A user who at- 
tempts to log in after his password has expired is forced to sup- 
ply a new one. The next character — such as ‘m’ — denotes the 
minimum period in weeks that must expire before the password 
can be changed. 

A second password file can also be established by the system 
administrator (/.secure/etc/passwd) to maintain the encrypted 
passwords on the system and prevent non-privileged users from 
viewing them. Unlike the /etc/passwd file, which is readable by 
all users of the system, /.secure/etc/passwd should be accessible 
to super-users only. The passwords contained in /.secure/etc/pass- 
wd take precedence over those contained in the encrypted pass- 
word field of /etc/passwd. User authentication is done using the 
encrypted passwords in this file. The password aging mecha- 
nism described above also applies to /.secure/etc/passwd. Use 
of this secondary passwd file is established as part of converting 
to a “Trusted System.” 
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Default and Obsolete Accounts 

On many systems, especially those with a large number of 
user ids defined, there typically exist a number of user ids that have 
been set up over the years for special purposes and are no longer 
of value. ‘These may have been required by third-party software, 
a demonstration id for evaluation software, or for users to ac- 
cess games, etc. These accounts can very often be a large secu- 
rity hole in that either they have no passwords or easily guessable 
passwords. ‘These types of accounts, if necessary, should only be 
created for a specified period of time and with a password that 
follows the conventions described above. Some accounts set up 
for use by the operating system should have impossible pass- 
words set (by preceding the encrypted password with an “’, for 
example), including: (daemon, bin, adm, uucp, Ip, hpdb, tftp and 
ppluser). hese user names/ids are used by the various HP-UX 
subsystems to establish proper file access right sets for the files 
associated with the subsystem, but not for user logons. 

Notification of the security administrator or system manag- 
er should be a part of the processing policy when an employee 
leaves the company. It is important to the security of the sys- 
tem(s) to remove all user ids-associated with the employee and 
remove and/or archive their files. If the ex-employee had access 
to root privileges, all passwords on the system, including root, 
should be modified as soon as possible. Using third-party soft- 
ware or customized shell scripts, procedures can be implemented 
to remove all files associated with a user id and to check for ac- 
counts that have not been accessed for a period of time. 


Login Scripts 

The first level of defense that the system administrator can use 
to protect the system is through the login process (user name and 
passwords). Login scripts provide another level of control during 
the sign-on process. Similar to “OPTION LOGON” UDCs on 
the HP 3000, login shell scripts are executed by the user’s shell 
(command interpreter) before presenting the user with a prompt 
or initiating an application. As mentioned previously, the “shell” is 
the part of the UNIX operating system that processes the com- 
mands entered by a user. ‘This is actually nothing more than a pro- 
gram with special capabilities, and over the years a number have been 
developed. The four primary shells provided by HP-UX are: 


/bin/sh "Bourne" shell 

/bin/ksh "Korn" shell 

/bin/csh "C" shell - with "C" language type syntax 
/usr/bin/keysh Function key driven shell, based on the ksh 
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In general, each of these shells has similar functionality, but 
commands and options are implemented differently. There are 
also versions of these shells known as “restricted” shells (typi- 
cally denoted by the letter ‘r’ before the name, such as /bin/rksh). 
These restricted shells provide only a subset of the capabilities 
to the user; however, potential ways around some of the re- 
strictions have been documented. These common shells use 
slightly different methods for processing login script files, al- 
though all have the ability to process two sets of scripts, one ex- 
ecuted for all users logging on the system and another executed 
on a user-by-user basis (similar to a system-wide UDC and a 
user UDC on the HP 3000). 


SHELL GLOBAL LOGIN SCRIPT PER USER LOGIN SCRIPT 
/bin/sh, /etc/profile $HOME/ profile 
/bin/ksh, 

/ust/bin/keysh 

/bin/csh /etc/csh login $HOME/ login 


Standard actions performed by the global login scripts typi- 

cally include: 

= Setting the ‘PATH? variable (similar to the PATH command 
in MS-DOS or the HPPATH variable in MPE/iX, which de- 
fines which subdirectories the shell will search for commands 

when processing user input) 

= Setting the system name and time zone variables 

= Configuring the type of terminal being used 

# Displaying the copyright notices and any “Message of the Day” 
(/etc/copyright & /etc/motd) 

= Checking if your user id has been sent any mail 


In addition, this global script is a prime location for execut- 
ing a second script that can provide additional access protec- 
tion, such as prompting the user for additional passwords if the 
device is a modem, restricting access to certain user ids based 
upon time of day, day of week or device file. HP-UX also has a 
standard feature for providing additional security for dialup (or 
other tty) devices. Two files, /etc/dialups and /etc/d_passwd, 
can be used to force the user of specified devices to enter an- 
other password based upon the program name from /etc/pass- 
wd (the startup shell program name). 

Two other shell initialization scripts, .cshre and .kshrc, are 
processed each time a user executes either the csh or ksh shells. 
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These initialization scripts, processed after the login scripts 
(profile, etc), are typically used to establish any global shell 
variables, editor defaults, etc. In a workstation or X terminal en- 
vironment, a user can have multiple simultaneous shells exe- 
cuting, each performing different tasks. Since the login scripts 
are not executed each time the user requests another “terminal 
window,” these initialization scripts allow the user to create a 
customized shell environment each time a new shell or win- 
dow is created. 

The root user startup script (i.e., 
‘/ profile’) has been a target for hackers, 
who try inserting commands into the file 
if the file permissions allow a non-priv- 
ileged user write access. A common tac- 
tic is to have these added commands 
create what is known as a “setuid to root” 
copy of one of the standard shell pro- 
eram files in another location in the sys- 
tem, with execute permission for all users. 
This allows any user on the system who 
knows about the program to run effec- 
tively as if they were logged in as the root 
user (super-user), and gain full access to restricted commands and 
files as long as they are running under this setuid shell. In the 
next section, file access rights and setuid flags are discussed in 
greater detail. 

It is important to note that shells are not the only programs 
on the system that execute scripts during initialization. Standard 
UNIX utilities such as vi, ex and emacs also allow processing 
of startup scripts. These files (.exre for vi and ex, .emacs for 
emacs) could be particularly vulnerable since they are execut- 
ed out of the current directory. For example, if the root user 
changes directories to another user’s home directory to mod- 
ify their ‘profile’ script using the standard vi editor, and that user 
has a .exrc file that creates a setuid to root copy of a shell pro- 
gram, the user could later access the shell copy to gain full ac- 
cess to the system. 


Controlling File and Resource Access 

After a user has passed the login process and startup pro- 
files, they will be executing the program file specified in the 
last field of the /etc/passwd file for their user name. If the user 
has logged-on illegitimately, at this point the major part of the 
work of breaking into a system is complete. The potential for 
finding some type of security loophole is much greater since the 
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user is able to search the system for programs, scripts, profiles, 
or data that may provide them with information regarding sys- 
tems on other networks, dialup information to other systems, 
or even the ability to acquire super-user privileges. Therefore, 
file-level access controls are crucial in establishing a secure op- 
erating environment. UNIX’s file (and device) access rights 
are based upon three categories of users: owner (the “owning” 
user id of the file), the group (the “owning” group id of the 
file), and all others (world), and three 
types of access: read, write, and execute. 
Normally the “owner” of a file is the cre- 
ating user (actually the user id and group 
id of the creating user), although this 
can be modified using the change owner 
(chown) and change group (chgrp) com- 
mands. These combinations provide a 
set of nine permissions associated with 
each file (and directory/device) on the 
system. This is similar to the MPE/iX 
file access rights available on a file (read, 
write, append, lock, execute), and the 
user classification (creator, group user, 
account librarian, group librarian, account user, etc.). The Is 
command can optionally display these permission rights for 
any file on the system, for example: 


$s -l / 
total 5628 
drwx------ 2 root mail 24 Feb 1 12:15 Mail 


1168403 Feb 4 20:07 SYSBCKUP 
299064 May 13 1991 SYSTEST 


-rwxr-xr-x 1 root sys 
-r-xr-xr-x 1 bin bin 


drwxr-xr-x 3 root root 4096 Feb 3 18:57 bin 
drwxr-xr-x 10 root root 5120 Apr 20 08:55 dev 
drwxr-xr-x 12 root root 7168 May 10:49 etc 
-rwxr-xr-x 1 root sys 1168403 Feb 21:06 hp-ux 
dr-xr-xr-x 3 bin bin 1056 Apr 11. 1991 Lib 
drwxrwxrwx 11 root root 3072 May 6 23:08 tmp 
dr=xr=xr=x 8 bin bin 1024 Mar 25 20:22 users 
dr-xr-xr-x 30 bin bin 1024 Feb 25 08:45 usr 


The first section of this listing reflects each file’s access rights. 
The first character identifies any special file attributes (i.e., d=di- 
rectory, l=symbolic link, b=block device file, c=character device 
file, etc.), and the remaining nine characters are logically divid- 
ed into groups of three characters, with each group represent- 
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ing the rights for the file owner, group member, and others, re- 
spectively. Within each character group, r, w, x represent read, 
write, and execute access. A dash (-) signifies that a specific type 
of access is disabled for that user classification. The third and 
fourth columns identify the file’s “owner” user name and mem- 
ber group name. It is for this user and group that the “owner” and 
“group” file permission flags apply. File 
permissions can be changed on a file (as- 
suming the user has access to the file) by 
using the chmod command. In addition, 
a file’s contents can be encrypted using 
the crypt command. Although not too 
difficult for a serious hacker to decode, it 
can offer some additional level of securi- 
ty for some non-sensitive material against 
casual reading of a file’s contents. 
However, encrypting files should not be 
used as a replacement for proper file per- 
mission settings. 

With MPE, there exists a default set of 
file access rights based upon the group and account in which 
the file is created. With UNIX, file permissions for newly cre- 
ated files are controlled by two mechanisms. The first is the 
program or command that is actually creating the file. Different 
programs and subsystems supplied with UNIX create files with 
different default access rights. This could be a potential prob- 
lem since some create the files with all access permissions en- 
abled for all users. A second mechanism called umask (user 
mask) enables a user to define what the default file permissions 
should NOT allow. The umask command defines on a per- 
mission-by-permission basis (for all nine settings) which ones 
should be denied. A default user mask setting for strong secu- 
rity may be: ‘umask 77’, which means to deny all access other 
than for the file owner (and super-user). The user mask setting 
is often executed in the login profile script (profile or login) 
and remains in effect as long as the shell is executing (normal- 
ly until the user logs off). 

In MPE there are additional discretionary access controls 
known as “Access Control Definitions.” These ACDs allow a 
file creator to allow specific users (identified by name) specific ac- 
cess rights to a file or set of files. This same capability exists 
within HP-UX, with the Access Control Lists (ACLs). Using 
ACLs provides a method of specifying access rights for files in 
much greater detail then standard UNIX file permissions, and 
is a requirement for the DoD’s C2 level of security. Like stan- 
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dard permissions, ACLs can be changed by using the chacl com- 
mand and listed using the Isacl command. It is important to note 
that some standard UNIX commands do not understand ACLs 
and consequently may cause them to be silently removed (i.e., 
chmod without the -A option, cpset, tar, cpio, etc.). If ACLs are 
used, system backups should only be performed using the fback- 
up and frecover utilities, since only these 
programs will save and restore ACL set- 
tings on files. 

Directories are actually files in UNIX 
that have a predefined structure that cre- 
ates a linkage or map between file names 
and “inode” indices. “inode” entries con- 
tain information about the file such as file 
location, permissions, owner, and group. 
It is possible for multiple file names to 
have the same inode number, and this is 
a special file type known as a “link.” Both 
file names actually reference the same 
physical locations on disk (or the same 
physical device). A directory file (like a standard file) has a set 
of permissions associated with it. For a directory, these permis- 
sions have different interpretations, however: 

Read permits listing the filenames contained in the 


directory (via the Is and other commands). 


Write and Execute permits changing or removing file names 
in a directory. 
Execute permits access to the files which are 


referenced by file names in the directory 


(inode). 


If a user is allowed write and execute to a directory, any file 
in that directory can be removed, regardless of the individual 
file permission settings. This combination also allows renam- 
ing files and creating new files in the directory — allowing the 
possibility of a user creating unwanted files in a directory, which 
could compromise system security (i.e., a Trojan horse). 
Removing read access from a directory removes the capability of 
listing the file names. However, a specific file could still be ac- 
cessed if the name was known and file-level access granted access. 
Some UNIX subsystems take advantage of this ability for main- 
taining security while still allowing some access. 
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Home directories of users, defined in the /etc/passwd file, 
should not be writeable by all users, since a file could be added 
or removed by any user on the system. A command to check for 
writeable directories that are ‘home’ to a user 1s: 


$ find ‘awk -F: '{print $6}' /etc/passwd> \ 
-prune -perm -02 -exec ls -ld {} \; 


The PATH variable, which is usually set in either the glob- 
al profile script or the user script, identifies the directories the 
user’s shell program will search when attempting to execute a 
command or script. If the user does not qualify a command or 
script name (by specifying the directory in which the file is lo- 
cated), the shell will by default search each directory in the 
PATH variable for the specified name. This functionality makes 
using UNIX much easier, but also opens the door for potential 
disaster. For example, if the PATH variable consisted of the 
directory “.” (meaning the current directory) or any world- 
writeable directory, a file or script could be executed that was 
not intended by the user. In the current directory, a file named 
‘Is’ could exist that would remove all files in the directory. When 
an unsuspecting user in that directory attempted to list the files 
(or so they thought), all files for which the user had write per- 
mission would be removed. This use is fairly obvious; howev- 
er, consider the same PATH variable set for the root user. A 
script with the same name as one or more common commands 
could exist that performed some function such as creating a 
new user id with super-user privileges, and then executed the 
original command. The unsuspecting user would not even know 
that the bogus script had been executed. ‘Therefore, the PATH 
for super-users should contain only the directories ‘/bin’ and 
‘/usr/bin’, with appropriate security maintained on each of those 
directories. 

With this in mind, the user-level profile (.profile or .login) 
should contain at least the following security related com- 
mands: 

» Ensure the PATH variable is set securely 
= Use umask to set greater restrictions on new files 
# Display the last time this user logged on 


This could be accomplished with the following shell script 
portion: 


PATH=/bin:/usr/bin 
export PATH 
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umask 27 

set - ‘ls -lc .last_login® 

echo "The last record login was on $6 $7 at $8" 
touch .last_login 


A user’s login startup script should not allow modification by 
anyone else on the system. To verify compliance use the fol- 
lowing commands: 


$ find ‘awk -F: '{printf %4s/.profile\n", $6}' /etc/passwd* \ 
-prune -perm -Q22 -exec ls -l {} \; 

$ find ‘awk -F: '{printf %s/.login\n", $6}' /etc/passwd° \ 
-prune -perm -022 -exec ls -l {} \; 

$ find ‘awk -F: '{printf %s/..cshrc\n", $6}' /etc/passwd° \ 
-prune -perm -022 -exec ls -l {} \; 


Device Files 

In UNIX, like MPE, physical devices are referenced and ac- 
cessed via standard file names. However, unlike MPE, UNIX 
actually has a file that exists in the directory for the devices on the 
system, including device files that refer to memory, networking 
interfaces, swap areas, and kernel (Operating System) virtual 
memory. Granting access to these files allows access (read/write) 
to the devices themselves. By convention, these device files re- 
side in the /dev directory, although a device file could exist in 
any subdirectory. 

Unsecured device files not only open up the possibility of a 
hacker being able to read any portion of the disks or memory, but 
also provide the ability to write over any data contained on a de- 
vice, thus potentially destroying data or the operating system it- 
self. In general, make sure that any disk, memory (/dev/mem 
and /dev/kmem) and other device files are secure from all “other” 
access (i.e., chmod 600 <files>). One exception may be to allow 
greater access to a magnetic tape or cartridge tape drive file, de- 
pending on the operating environment. The owner of these files 
should be ‘root’, and the group id ‘sys’. Changing the group id 
associated with a set of device files would allow certain classes of 
users access to devices. For example, an ‘operator’ group may 
allow access to the tape device files for backup and recovery pur- 
poses for those user ids that are members of the group. ACLs 
could also be used further to define access by a specific set of 
users for special purposes. For management purposes, device 
files should reside only under the /dev directory. Uhe follow- 
ing command will locate any block or character device file on 
the system: 
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$ find / -hidden -name /dev -prune -o \( -type b -o \ 
-type c \) -exec ls -l {} \; 


Directly attached terminal devices also have a device file asso- 
ciated with them, known as a ‘tty’ device (since the name usually be- 
gins with the letters ‘tty’). The permissions and owner/group ids of 
these device files are modified during the login process to allow 
access for the current logged-on user. Typically, the “other” write 
permission is also allowed — this permits any user on the system 
to send messages directly to your screen through the write command 
(or directly by accessing the device file). This write permission can 
be disabled using the mesg n command (mesg y re-enables write 
access). This is similar to “SETMSG OFF/ON” in MPEAX, which 
disallows a terminal from receiving messages from users via the 
“TELL” command. As soon as the user logs off the system, the 
ownership of the tty device file is changed back to ‘root’. 


Set User ID (setuid) and Set Group ID (setgid) 

There are two additional flags maintained as part of the file per- 
mission settings known as the setuid and setgid bits, identified 
by the letter ‘s’ or ‘S’ in the owner-execute (for setuid) or group- 
execute (for setgid) positions of the file permission settings. 

Whenever a program (or shell script) is executed, there are four 
numbers associated with that process: the real and effective user 
id, and the real and effective group id. During the login process 
the real and effective id pairs are set to the user id and group id 
from the /etc/passwd file for the user name. However, when a user 
executes either a setuid or setgid program, the corresponding 
effective id is changed to that from the inode of the file. The 
user then has temporary rights and privileges of the file’s owner 
and/or group. 

The most dangerous case exists for “setuid to root” programs 
and shell scripts. In this case the owner of the file is the root user 
and the setuid bit is set (this bit can be set via the chmod com- 
mand), and the executing user will temporarily have super-user 
privileges, until the program terminates. Certain programs with- 
in UNIX use the capability to perform required work, such as 
passwd, which requires temporary super-user rights to be able 
to change the password field in the /etc/passwd file. Setuid or 
setgid shell scripts should never be used or exist, since they rep- 
resent a large potential security problem. It is much easier for 
someone to change a shell script to add “hidden” functionality than 
it is to modify an executable file. A common tactic used by hack- 
ers of UNIX systems is to create a copy of one of the standard shell 
programs in a directory in which any user has execute access to 
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program files and change the owner to root and set the setuid 
bit. From then on, any knowing user can execute the setuid-to- 
root shell and gain complete access to files and commands. As 
described above, this act of copying and changing modes could 
actually be performed by a legitimate super-user without their 
knowledge, if the PATH variable is not set properly. 

To locate setuid and setgid programs on the system, the fol- 
lowing commands could be used (setuid-to-root programs could 
be critical, setuid to other users is less critical, but both should 
be investigated): 


$ find / \(€ -perm -4000 -o -perm -2000 \) -exec ls -ld {} \; 


Monitoring System Activity 

Maintaining a secure system is a process, and aside from es- 
tablishing the policies, procedures, and controls to restrict access 
to the system and resources, continual monitoring of the activ- 
ity on the system is required to ensure compliance with the poli- 
cies. This involves examining system logs for various activity 
and extraordinary circumstances, identifying modifications to 
established security controls, and, in general, isolating attempts 
to defeat the security mechanisms of a system. 

UNIX systems can be enabled to log both successful and un- 
successful attempts at logging onto the system. The following log 
files can exist on the system to record access information: 


LOG FILE TYPE OF INFORMATION ACCESSED BY 
/etc/utmp Records which users are who command 
currently logged on 
(similar to JMAT table 
in MPE) 
/etc/wtmp Records each login and who /etc/wtmp 
logout information /etc/last (matches login 
and logout records to 
show time logged on) 
/etc/btmp Records unsuccessful /etc/lastb 
login attempts 
/usr/adm/sulog Records successful & more (file is ASCII 
unsuccessful attempts to readable) 


“switch user” with the 


su command 
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These files are only written to by the login and su programs 
if they already exist, otherwise no record is maintained. To cre- 
ate these files, log in as root and touch each of the file names to 
create them (i.e., touch /etc/wtmp /usr/adm/sulog). These logs 
are similar to the logging of “Job Initiation” and “Job 
Termination” events within the MPE logging facility. 

HP-UX also has additional accounting facilities for logging 
a variety of additional information. This accounting informa- 
tion can be enabled (usually at boot time in the /etc/re file) by ex- 
ecuting the /usr/lib/acct/startup command. Additional 
process-level logging information is recorded in various files, 
including /usr/adm/pacct. The HP-UX accounting facility in- 
cludes a number of utilities to provide formatting and summa- 
rizing of the logged information, including: 


acctcms Produce command execution summary report 
(used by runacct) 
acctcom Produce detailed process reports from 


/usr/adm/pacct (used by runacct) 
acctconl and Generate connect time information 
acctcon2 reports (used by runacct) 


acctprel and Generates CPU usage information by 


acctprc2 user id (used by runacct) 

acctdusg Calculates disk usage by login name 

ckpacct Checks the /usr/adm/pacct log file. If it has 
exceeded a specified size, the existing log is 
renamed and a new one is created (similar to 
SWITCHLOG in MPF) 

dodisk Checks current disk space usage and creates a 
“snapshot” of the information 

monacct Produces monthly accounting report files 

prdaily Generate previous day’s accounting report 

runacct Produces daily accounting reports 

startup Enables logging of additional accounting 
information 

shutdown Appends a shutdown record and disables logging 


These accounting commands and utilities are typically used 
in conjunction with cron (the batch scheduler) to execute ac- 
counting report daily (and/or monthly) and to monitor the size 
of the log files. These tools can provide very detailed historical 
information of activity of users on the system and may be very 
useful in determining a sequence of events in the event of a se- 
curity break-in. 

In addition, HP-UX can be converted to a “Trusted System” 
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fairly easily using the “SAM” utility. Prior to converting to a 
trusted system, all known potential security holes should be re- 
moved, permissions modified, and user ids validated. Once you 
have converted to a trusted system, the only way to remove this 
state is to re-install the operating system. 

Once executing in a trusted state, additional auditing features 
are available to the system administrator. ‘These include: 
# Ability to audit specific user ids 
= Audit logins, run state changes 
= File permission changes, acl and ownership changes 
» Administrative commands, file creation, deletion and access, 

process creation and termination 

= User-defined logging events 
= Some network related events (socket level calls) 


Certain programs, utilities and portions of the kernel have 
been instrumented to capture and log these events when exe- 
cuting as a trusted system. Primary and secondary log files are 
maintained, and reporting tools are provided for analysis. 
However, auditing does increase system overhead, and perfor- 
mance considerations must be weighed against the security in- 
formation. Selective logging of specific events can reduce the 
amount of overhead on the system substantially. 

In order to assist the system manager in monitoring the in- 
tegrity of system and application files, HP-UX allows a user to 
create “pdf”s or “Product Description Files.” A pdf file contains 
information about a file or set of files on the system, including: 


pathname Absolute pathname of file 

owner Either symbolic or numeric ID of user 

group Either symbolic or numeric ID of group 

mode Symbolic representation as displayed by the ‘Is -I’ 
command 

size Size of the file in bytes. Major and minor numbers 

are included for device files 

links Number of hard links to pathname 

version Numeric value, reported by the what(1) command 

checksum File contents computed by a checksum algorithm. 
This field reflects the slightest change to a file, 
even a single character 

linked_to Indicates whether the file has symbolic or hard links 


Using the command ‘mkpdf? to create the pdf file, the system 
manager can later use this file to identify changes (file size, file 
contents, permissions, ownership, etc.) to critical files in the sys- 
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tem. Using the command ‘pdfck’, the system will compare the 
contents of the specified pdf file with the current calculated val- 
ues of the files as they currently exist in the system. ‘pdfck’ re- 
ports any differences. ‘pdfdiff could also be used to compare 
two pdf files for differences and report those to the user. The 
system manager should pay particular attention to any report 
of modification to: 

= Mode permission bits 

# Owner ID and group ID 


= Checksum differences 


When HP-UX is installed or a new HP product is added 
to the system, a pdf file is automatically created for each ‘file- 
set’. These pdf files are placed in a file ‘/system/<fileset>/pdf? — 
one file for each fileset (a fileset is a logical grouping of files 
for a particular HP-UX system component or application). A 
system manager could use ‘pdfck’ against these files to provide 
an integrity check of HP-UX’s system files. If pdf's are used to 
check file integrity, ensure the pdf files are maintained in a se- 
cure directory. 


Network Security 

Security of the networking components of a system (i.e., 
UUCP, NFS, ARPA/Berkeley services, NS, RPC, DCE) are 
unique to each service. Specific security issues relating to these 
products are not addressed by this article; however, if a system 
has any of these services installed, the security controls available 
should be reviewed, understood, and implemented since many 
of these services can gain access to a system without requiring the 
login process. Specific to review include: 
= inetd.conf, /etc/services and inetd.sec file parameters and per- 

missions 

= .rhosts file usage 
= hosts.equiv 
= /etc/exports and /etc/netgroup 
# Anonymous FTP capability 


Summary 

This article has provided an introduction to many of the 
UNIX system security related issues that have surfaced over the 
years. It is the responsibility of the management of an organization 
and every user of the system to maintain security in their “op- 
erating domain.” Without the full commitment of all involved, 
the task of maintaining a secure environment by a few individ- 
uals is difficult, if not impossible. Up-front planning through 
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established policies and procedures is key to the successful im- 
plementation of security controls and the on-going monitoring 
and auditing activities required of the system administrator. 
These activities must become a standard operating procedure 
in the day-to-day maintenance of the system, and plans must be 
established in advance for handling and recovering from a po- 
tential security breach. 
“An ounce of prevention is worth a pound of cure.” 
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Throw a lifeline out to other CSL users and win a free 
one-year INTEREX CSL/site Membership 

Tell INTEREX how a specific CSL program helped 
you do your job. The CSL Committee will be 
choosing the three stories that best illustrate the value 
of CSL programs in real life situations. ‘The winners 
will be announced at the 19th annual INTEREX HP 
Computer Users Conference. Your “Life Saver Story” 
may be published by INTEREX so that other HP 


users can benefit from your CSL experience. 
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ClockWise Group 
Scheduling software 


Group Scheduling Software 
Phasell Software Corp. has announced 
the immediate availability of its newest re- 
lease of ClockWise for HP-UX and other 
UNIX platforms. The new release features 
improved name list handling in an address 
book style and an enhanced database design 
for interoperable UNIX and DOS/Novell 
environments. ClockWise 2.0 for Novell 
and PC/NFS is targeted for general avail- 
ability in the first quarter of 1993. 
ClockWise extends many personal in- 
formation manager features such as calen- 
dars, notes, to-do lists, and address books 
to a group of people. ClockWise is de- 
signed to help groups avoid scheduling 
conflicts, to help managers 
delegate and monitor pro- 
jects and tasks, and to 
maintain a complete record 
of company activities. 
DOS/Novell interoper- 
ability enables users to 
share calendar access across 
the UNIX and DOS plat- 
forms. The user interface 
will be the same for users 
under each platform. 
Name and address en- 
hancements enable users 
to attach events, tasks, and 
messages to contact names 
to keep track of client his- 
tories along with name and 
address information. The name and ad- 
dress database may be shared among users. 
Messages, a communication capability 
combining attributes of a bulletin board 
system and e-mail, allows messages to be 
posted and edited by a group of users and 
logs the time of communications. Mes- 
sages, events, and tasks may be grouped to- 
gether as part of a project, so all the 
information relating to an activity may be 
kept and recalled easily. 


International time and data formats en- 
able users in countries other than the U.S. 
to use ClockWise in a form that is famil- 
iar to them. 

Other features and improvements in 
ClockWise 2.0 include: (1) expanded se- 
curity to six permission levels controlling 
access to the schedules; (2) customizable 
printout style sheets; (3) expanded group 
handling to more than 1,000 users; (4) an 
expanded array of defaults for personalized 
use; and (5) free-time search, which can find 
the best fitting time for scheduled events. 

Floating license cost depends on the 
number of workstations, terminals, or other 
displays connected to the system. The 
number of tokens represents the number 
of users who may simultaneously access 
ClockWise. All systems allow an unlimit- 
ed number of users to sign onto the sys- 
tem, but not all at the same time (subject to 
hardware or operating system limitations). 
A suggested number of users suitable for 
each system is given with the price: 


1 Token suitable for 1-2 users (1 manual) $279 
3 Token — suitable for 3-8 users (2 manuals) $499 
5 Token suitable for 5-15 users (3 manuals) $199 
10 Token suitable for 10-30 users (3 manuals) $1,359 
25 Token suitable for 25-75 users (3 manuals) $3,199 


Media Charge 


# Diskettes, Free 

# Dual Diskettes 
(3.5-inch and 5.25-inch), $5 

= 1/4-inch tape, $20, TK50 tape, $30 

= License upgrades range from $265 to 
$3,000, depending on number of addi- 
tional users. At least one system is need- 
ed for upgrade Pak. 

For more information, contact Phasell 
Software Corporation, 444 Washington St., 
Suite 407, Woburn, Massachusetts 01801, 
ph: 617/937-0256, fx: 617/937-0098. 
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New GUI Shop Floor Data Manager 

Industrial Computer Corporation (ICC) has 
announced its new OSF/Motif graphical user in- 
terface (GUI) and complimentary character ter- 
minal windowing system for its Shop Floor Data 
Manager (SFDM). The GUI is designed to pro- 
vide maximum performance and long-term flexi- 
bility and to enhance ease of use across user 
interfaces without end-user retraining. [This is not 
just a frontend, but a windowing system built right 
into the application. The new user interface is 
slated for release in the first quarter of 1993. 

Shop Floor Data Manager/SFDM is a power- 
ful manufacturing execution system for discrete 
industries such as automotive, electronics, and 
aerospace. SFDM addresses key manufacturing 
issues: resource and labor management, product 
and material traceability, and mission-critical data 
collection. ‘The system collects, monitors and val- 
idates shop floor information in real time using 
character and OSF/Motif windowing systems, bar 
code readers, laser readers, RF terminals, work- 
stations and other devices in a client-server envi- 
ronment. In addition, SFDM integrates easily with 
COMMS/MRP II, PLCs, cell control systems and 
a variety of SQL database systems including 
Oracle, Informix, and Ingres. 

The core of SFDM is a central database that 
contains design details, packaging requirements, 
specifications, routings, and a model of factory 
processes. The solution is built upon ICC’s CAP 


‘TURE application enabler, which provides a flex- 
ible framework that can be easily adapted to fu- 
ture changes in manufacturing, business, and 
technology. 

ICC’s solutions run on Hewlett-Packard’s HP 
9000 Series 700 and HP 9000 Series 800 systems. 
ICC is a Hewlett-Packard Premier Solution part- 
ner (PSP). 

For more information, contact ICC, 5871 Glenridge 
Drive, Suite 300, Atlanta, Georgia 30328, ph: 
404/255-8336, fx: 404/250-0602. 
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Database Browser for Sybase 
Bluestone Products and Relaview have 
announced the February availability of 
the newest release of db Viewer, version 
1.8, an OSF/Motif-based database 
browser for Sybase. With db Viewer 
users can browse, update, insert, and 
delete information through an easy-to- 
use graphical interface. Version 1.8 also 
allows users to format and print custom- 
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formatted results, commit and roll back 
transactions, and retrieve multiple re- 
sults from stored procedures. It also has 
an improved user interface. 

db Viewer is designed to provide easy, 
quick database access, graphical displays of 
tables and views, and queries for instant ac- 
cess and updates. Programmers save appli- 
cation development time by being able to 
simply generate, test, and save SQL queries. 


The developer’s kit costs $1,495, and 
a user license is $495. Volume discounts 
are available. 

db Viewer was developed by Relaview 
and is marketed, distributed, and sup- 
ported by Bluestone. 

For more information, contact Chris 
Baeckstrom, Bluestone Products, 1200 Church 
Street, Mt. Laurel, New Jersey, 08054, ph: 
609/727-4600, fx: 609/778-8125. 


I H/USE 


INTEREX is 
your HP-UX 
advocate 


ad © vo ¢ cate: to plead in 
favor of, see support 


HP-UX users can rely on INTEREX, 
a 7,500-strong membership organi- 
zation, as a powerful channel to 
Hewlett-Packard. INTEREX is 
committed to supporting HP-UX 
users through volunteer committees 


and special interest groups: 


SIGUNIX— The Special Interest 
Group for UNIX, meets at the annual 
INTEREX HP Computer Users 
Conference to discuss areas of 
concern unique to HP-UX users and 


to share solutions. 


Systems Improvement Committee 
—The SIC HP-UX pinpoints specific 
user needs for the HP-UX operating 
system and presents its requests for 
system upgrades, etc, directly to 
Hewlett-Packard. 


Advocacy Coordinating 
Committee—The Advocacy 
Coordinating Committee facilitates 
communication between HP-UX 
users and Hewlett-Packard, enabling 
users to have specific concerns 
referred directly to the accountable 
HP executive. This committee tracks 
and manages all advocacy requests 
and publicly discloses the outcome of 


all advocacy isssues. 


The International Association of 
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IAs 


The » Right Eielonait Right Now. 


TECHNICAL S& 2040 West Sam Houston Parkway N. 
Ss Cie NT iF ft Mm Houston, Texas 77043 


APPLICATION [elephone 713 935-1500 - 
INcCORPORAT Ec wD Fax7i3 935 1555 


1800 422 4872 
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Give Us a Call for ALL Your 
HP/Apollo Needs. 


We Cannot be Undersold! 


We Are One of the Largest 
Independent Distributors in the U.S.A. 


WE HAVE IT ALL!! 


Everything from DN580 - DN10,000 
HP 9000 Series from HP400 through HP750 


ALSO 
Spares and Complete Systems in Stock 
* 24 Hour Delivery Available 


* 90 Day Warranty On All Workstations & Spares 
* Complete Export Services Available 


We Also Buy, Rent & Lease! 


S.A.R. INCORPORATED 


11 Rogers Road, P.0. Box 8161 Haverhill, MA 01835-0461 
Telephone (508) 521-6656 Fax (508) 372-0999 
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Systems Management 

Computer Associates International, 
Inc. has announced that CA-UNI- 
CENTER, its systems management 
product for mission-critical applica- 
tions, will be generally available first 
quarter 1993. 

CA-UNICENTER is reportedly 
the first commercial grade solution for 
UNIX systems management, provid- 
ing automation, cost savings, and data 
integrity. Key features include: backup 
and archiving, tape protection and man- 
agement, workload management, con- 
sole automation, report distribution, 
help desk, performance management, 
print spooling, security (including con- 
trol of the powerful superuser), and re- 
source accounting and chargeback. 

CA-UNICENTER employs sin- 
gle-point, object-oriented systems and 
security:administration, allowing all 
functions to interoperate and be easi- 
ly accessible. Common ANSI relational 
database and security administration 
are designed to allow all functions to 
interoperate and be easily accessible. 

A common ANSI relational data- 
base stores all information making data 
required to manage the UNIX envi- 
ronment as easily accessible as systems 
functions. The ability to integrate 
value-added products is another ben- 
efit. For example, CA was able to in- 
clude the CA-20/20 graphical spread 
sheet as an integral part of CA-UNI- 
CENTER without any extra develop- 
ment effort. 

An intuitive OSF Motif graphical 
user interface offers ease of learning 
and use. Comfortable switching be- 
tween modules or between networked 
computers is another benefit. Because 
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CA-UNICENTER for UNIX 
systems management 


the user interface is separated from the 
product, conversion to OS/2 and 
Presentation Manager can be accom- 
plished quickly and with few problems, 
the company notes. 

A common host event notification 
facility (ENF) acts as a bulletin board 
for key systems information for all CA- 
UNICENTER components. Acting 
as an invisible “traffic cop,” ENF 
buffers CA-UNICENTER from op- 
erating system dependencies. 

CA-UNICENTER is currently 
available in BETA status on HP-UX. 
Pricing starts at $4,000. 

For more information, contact 
Computer Associates International, Inc., 
One Computer Associates Plaza, Islandia, 
New York 11788-7000, ph: 516/342- 
5224, fr: 516/342-5329. 


NetWare Emulation Software 

Puzzle Systems Corporation has port- 
ed its SoftNet Utilities NetWare emula- 
tion software product to HP 9000 Series 
700 and 800 UNIX platform families. 

In addition to its existing UNIX capa- 
bilities, SoftNet Utilities provides HP 
Apollo Series 700 and HP Series 800 sys- 
tems with NetWare 2.2 and 3.11 server 
emulation, allowing them to also perform 
as Novell-compatible file servers to PC 
NetWare clients. 

PC NetWare clients can directly and 
transparently access the UNIX file sys- 
tem and printing resources without the 
requirements of UNIX disk participat- 
ing, reconfiguration of the UNIX kernel, 
or adding drivers to the PC NetWare 
clients. Likewise, HP workstation users 
can also easily send their print jobs to the 
NetWare print resources. 

Pricing has been established at $1,295 


IpHdy/st 


HP Computer 
Users 


Conference 
& Expo 


HP-UX & 
Workstation Focus 


Since 1976, INTEREX has been 
the premier source of information 
about Hewlett-Packard computers 
and related products and services. 
The INTEREX HP Computer 
Users Conference & Expo will be 
held September 19-23, 1993 at 
the Moscone Center in San 
Francisco, California, and is the 
largest gathering of HP users. 


Daily conference themes include; 
Future Strategies, Object Database 
Technology, Open Systems, and 
“Rightsizing”. A plenary or Keynote 
session will be offered each day 
covering the major themes. 


We have put special emphasis this 
year on the HP-UX and Workstation 
tracks. These tracks will focus on 
topics such as: Networking, Graph- 
ical User Interfaces, Application 
Development, System Administra- 
tion, Evaluating Systems, Migration, 
Client-Server, Commercial Applica- 
tions, and X Terminals. 


FOR DETAILED PROGRAM AND 
REGISTRATION INFORMATION 
CALL INTEREX AT (800) INTEREX 
or (408) 747-0227 for International 
calls) OR FAX US AT (408) 747-0947 


WITH YOUR NAME AND ADDRESS. 


lf Network Printing Problems 
Are Giving You Nightmares... 


You Need UNISPOOL! 


Networked printers can cause as many problems as they solve. 


That's why UNISPOOL was designed to meet your specific network printing 
problems. UNISPOOL offers solutions to problems associated with network 
environments where there are diverse applications, multiple printing resources and 
little room for error. UNISPOOL can manage your spoolfiles effectively, efficiently, 
and securely even in mixed computing environments. 


UNISPOOL is installed on thousands of machines throughout the world and is used 
by 40% of America's Fortune 500 companies. 


UNISPOOL is available on a wide variety of operating systems and PC servers: 
® HP MPE V/XL ° IBMAIX ° LAN Manager OS/2 
°® HP HP-UX * SCO UNIX ® NOVELL 

® HP/Apollo DOMAIN ® DEC ULTRIX 


If you have nightmares just thinking about your network printing environment, 
contact us for a free demonstration. 


UNISPOOL — The World's Premier Network Printing Solution. 


NORTH AMERICA EUROPE 

Holland House Holland House bv 
P.O. Box 91027 Molenkempsweg 1 
Austin, TX 78709 5306 ZX BRAKEL 


Tel: (512) 288-7540 HOLLAND Netherlands 
Fax: (512) 288-4240 HOUSE Tel: +31 (4187) 3000 
Fax: +31 (4187) 3060 
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UNIX Fax Software 

V-Systems Inc., developer of the VSI FAX UNIX facsim- 
ile system, has officially announced the availability of FxServer 
2.0, a highly integratable computer fax solution for the HP 
9000/7XX and 8XX Systems. Two other models have also 
been announced: FxVision, a complete X Window-based fax 
management system, and FxScript, a PostScript-compatible in- 
terpreter for fax. 

FxServer 2.0 is designed to be easily integrated with any 
software application in the same way as the UNIX line print- 
ing utility, performing its job much the same as the Ip spooler. 
Applications that print directly to “Ip” may be configured to use 
a remote printer interface, which automatically handles rout- 
ing of the fax transmission to the server. ‘This enables developers 
to customize their systems with fax capabilities and enables 
end users to fax directly from existing applications. 

FxServer significantly upgrades version 1.2 introduced in 
mid-1991 with group requests, VGA viewing capability, Class 
Il modem support, a menu-driven interface, automatic cover 
sheet generation, and fax printing support from Postscript 
and Epson printers. 

FxServer schedules fax transmissions and manages fax re- 
ceipts. Functions include file conversions, directory manage- 
ment, scheduling, and fax activity logging. Customized cover 
pages can be created using company logos, personal signa- 
tures, and optional memos. ASCII and image files can be com- 
bined in any document to be faxed. Group broadcasts can be 
faxed with individual cover sheets, and users can be informed 
when their fax transmissions have been completed. In addition, 
FxServer notifies users of inbound transmissions, stores all 
inbound fax images to the UNIX file system, and optionally 


FAX TRANSMISSION 
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V-Systems FxServer 2.0 


routes the images to other users or printers depending on the 
identification given to the sending fax machine. 

FxVision, based on the Motif library and style guide, enables 
the user to view, send, receive, print, archive, and manage fax 
documents using pull-down menus, option lists, and standard 
defaults. Faxes can be sent with modifiable preformatted cover 
sheets. Received faxes also can be notable and distributed to 
other users throughout the network. 

FxScript, a PostScript-compatible interpreter, allows users 
to fax PostScript documents directly from applications that 
support the page description language such as FrameMaker, 
WordPerfect, Lotus 1-2-3, and Corel Draw. FxScript allows 
for the full decryption, decoding and rendering of Adobe 
Type I fonts with hints, and provides facsimile output reso- 
lution of 200 x 200 or 200 x 100 dpi. 

FxServer now supports the MultiTech line of class I fax 
modems. 

Prices for the HP 9000 7XX are $1,495 for FxServer, $795 
for FxVision, and $395 for FxScript. Prices for the HP 
9000/8XX are $1,895, $995, and $595, respectively. 

For more information, contact V-Systems, Inc., 39 Brookhollow 
Drive, Santa Ana, California 92705, ph: 714/545-6442, fx: 
114/545-7653. 


(16 concurrent user license), $1,995 (32 
concurrent user license), $2,995 (64 con- 
current user license), $3,995 (100 concur- 
rent user license), and $5,495 (250 con- 
current user license). The products are now 
available from authorized Puzzle Systems 
resellers and distributors worldwide. 

For more information, contact Puzzle 
Systems Corporation, 16360 Monterey Road, 
Suite 250, Morgan Hill, California 95037, 
ph: 408/779-9909, fre: 408/779-5058. 
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OCS Distributors in Europe 
And South America 

Operations Control Systems has signed 
agreements to distribute its data center 
management products in the U.K., the 
Netherlands, and Brazil. Products included 
under these agreements are: CHARGE- 
BACK-UxX for cost allocation and resource 
management, PRIVATE for password 
management and access control, TAPE 
for tape library management, and Cross- 


Link for remote command initiation on 
UNIX systems. 

The partners in these agreements are 
Orion Europe Ltd., Stellingwerf Beintema 
B.V., and Exempla Informatica. 

For more information on OCS products in 
the U.K., the Netherlands, or Brazil, contact: 

Orion Europe Ltd., 4 Troon Close, Sutton 
Coldfield, West Midlands B75 6UQ U.K. 
ph: 44 21/311 1841 fx: 44 21/311 1862 

Stellingwerf Beintema, Zijlweg 144, 2015 
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BH Haarlem, Netherlands ph: 31 23/314192 
for 31 237325993 

Exempla Informatica, Praca Morungaba 
156, Jardim Europa, 01450 Sao Paulo, 
Brasil 55 11/282 5645 (phone and fax) 

To contact OCS worldwide head- 
quarters: 

Operations Control Systems, 
360 San Antonio Road, Palo ¥ 
Alto, California 94306 USA ph: 
415/493-4122 fre: 415/493-3393 


PL/I Compiler 

Liant Software has announced the im- 
mediate availability of its LPI-PL/1 com- 
piler with CodeWatch X/Motif-based 
debugger on HP’s PA-RISC-based work- 
stations. 

LPI-PL/I enables programmers to 
downsize existing PL/I applications orig- 
inally developed on proprietary IBM and 
Digital computers to UNIX systems. It 
provides a high productivity development 
environment for HP Apollo 9000 Series 
700 workstations. The product evolved 
from a joint effort with HP. 

LPI-PL/I applications developed on 
machines such as Sun’s SPARCstation, 
Intel 386 and Intel 486-based platforms, 
and IBM’s RS/6000 workstation are 
source-code compatible with HP Series 
700 workstations. A common language 
across multiple architectures allows the 
developer to easily support a multiplat- 
form computing environment. 

The LPI-PL/I compiler conforms to 
the 1981 ANSI PL/I General Purpose 
Subset standard and contains numerous 
extentions to aid programmers in port- 
ing applications. 

CodeWatch, an X/Motif source-level 
debugger, provides an interactive debug- 
ging environment and uses the symbols and 
conventions of the source language. It is 
bundled with all Liant LPI-series compilers. 


Ips 


LPI-PL/I and CodeWatch for HP 
Apollo 9000 Series 700 workstations is 
available immediately with a U.S. single- 
user list price of $2,995. 

For more information, contact Liant 
Software Corporation, 959 Concord Street, 
Framingham, Massachusetts 01701-4613, 
ph: 872-8700, fx: 508/626-2221. 


Memory Upgrades 

Clearpoint Research Corporation has 
announced memory upgrade kits for HP’s 
new 9000 workstations Series 715, 725/50, 
735, and 755. 

According to the company, the offer- 
ings include the industry’s first 128 MB 
SIMM for the Series 715, 725 and 730, 
as well as a 128 MB upgrade for the Series 
750 and 755. The 128 MB upgrades use 
16 MB DRAM technology and Clear- 
point’s patented mother-daughter card 
design. 

Other HP memory upgrades an- 
nounced are 8 MB, 16 MB, 32 MB, and 
64 MB upgrade kits for Series 3000 and 
9000 systems. Overall, pricing ranges from 
20 percent to 40 percent below memory 
upgrades offered by Hewlett-Packard, the 
company notes. 

The 128 MB upgrade kits for the HP 


Clearpoint 


Memory Upgrade 


9000 Models 725 and 750 will be avail- 
able in March 1993. Prices for the up- 
grades are as follows: 

System Product (upgrades) List Price (S$) 
HP 3000 Models 9X7 = HPME-897/16 (16 MB) 2,100 


9000 Models 8X7 = HPME-897/32 (32 MB 4,900 
HPME-897/64 (64 MB 8,300 


— 


HP $000 Models 715, HPME-725/16 (16 MB) 1,800 
725/90, 739 HPME-720/32 (32 MB) 4.114 
HPME-725/64 (64 MB) 9,200 

HPME-725/128 (128 MB) 17,900 


— “Ss 


HP $000 Model 755 = HPME-725/16 (16 MB) 1,800 
HPME-750-32 (32 MB) 3,857 
HPME-750-64 (64 MB) 7,600 
HPME-750/128 (128 MB) 18,500 


For more information, contact Clearpoint 
Research Corporation, 35 Parkwood Drive, 
Hopkinton, Massachusetts, 01748, ph: 
508/435-2000, fx: 308/435-7504. 


Remote Watch 

HP has announced an enhancement to 
its multivendor systems-maintenance of- 
fering. HP RemoteWatch, a systems mon- 
itoring tool, saves system administrators 
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time by automating routine system mon- 
itoring activities and proactively assisting 
with problem identification and resolu- 
tion. HP RemoteWatch was first intro- 
duced several years ago for HP’s single- 
user, networked workstations and was ex- 
tended in June of 1992 to cover HP’s 
UNIX system-based servers. Now HP 
RemoteWatch on Sun is available to assist 
system administrators and HP support en- 
gineers in Sun SPARC environments. 
HP RemoteWatch will now monitor 
mixed networks of HP-UX systems and 
Sun SPARCsystems from a single system. 
The software provides system adminis- 
trators with fast, easy access to system in- 
formation and sends notification daily if 
configuration changes occur. System com- 
ponents monitored include system CPU 
and backplane, mass storage devices, line 
printers, LAN cards, diskless clients, log 
and core files, file system security, and the 
operating system kernel. 
HP RemoteWatch is designed to re- 
duce system downtime by proactively 
identifying and notifying system admin- 
istrators of system problems via electronic 
mail. ‘Typical messages include notifica- 
tion that system disk space is nearly ex- 
hausted, log files are too large, printers 
are disabled, LAN error rate thresholds 
have been exceeded, or a system error has 
occurred. Critical messages are mailed 
immediately, and all messages are archived 
to provide system administrators and HP 
support engineers with the information 
necessary to expedite problem resolution. 
In addition, the tool provides the fol- 
lowing innovations: 
= treats the server, clients and peripherals 
as one complete system 

= accesses information from the systems 
managed by a system administrator 
using networking daemons that elimi- 
nate the need to log on 
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= uses a Motif-based graphical user inter- 
face to display a logical map of systems 
allowing system administrators to access 
all systems worldwide from a single kit 


HP RemoteWatch on Sun is offered 
free of charge to all customers who have 
HP hardware maintenance service coverage 
for their Sun systems. Sun hardware main- 
tenance is one of the many multivendor 
maintenance capabilities HP offers. 


CDDI Adapters for 
HP/Apollo Workstations 

Crescendo Communications has an- 
nounced what is reported as the first 32- 
bit EISA (Enhanced Industry Standard 
Architecture) adapters for the HP/Apollo 
Series 700 workstations that support Fiber 
Distributed Data Interface (FDDI) over 
unshielded twisted pair (UTP), shielded 
twisted pair (STP), and fiberoptic cable. 

The EISA Adapter, C321M-HP 
FDDIEISA Adapter, C325 CDDI EISA 
Dual-attach Option, and C316M FDDI 
EISA Dual-attach Option provide 100 
Mbps connections for an HP workstation 
to any FDDI or CDDI concentrator, such 
as the Crescendo Workgroup Concen- 
trator. Single-attach adapters require a 
single slot. The dual-attach option re- 
quires a second slot. All products support 
the Simple Network Manage- 
ment Protocol (SNMP) agent 
and are compatible with SNMP- 
based network management 
platforms such as HP’s Open- 
View. 

Also announced is an 
SNMP network management 
application, the C1802 Cre- 
scendo Manager for the HP/ 
Apollo workstation to provide 
remote management of any 
Crescendo concentrator on the 


network, using a graphical representation 
of the concentrator front panel. 

The adapters are designed to provide 
high data throughput with custom Very 
Large Scale Integration (VLSD) logic and 
an on-board processor to handle FDDI 
Station Management (SMT) network 
overhead. The on-board processor keeps 
the node on the FDDI ring even if the 
workstation experiences a system crash. 

Crescendo also reinforced its inten- 
tion to provide a low-cost upgrade for its 
EISA adapters when the emerging ANSI 
copper-FDDI standard is finalized. 
Customers are assured an upgrade to the 
twisted pair standard that is a daughter 
module at no more than 10 percent of the 
list price of the CDDI product. 

In June 1992, the ANSI standards sub- 
committee decided to use Crescendo 
technology as the basis for a new stan- 
dard for FDDI on twisted pair. A draft 
standard is expected in 1993. 

The C320-HP CDDI EISA Adapter 
has a list price of $1,995. The C321M- 
HP FDDIEISA Adapter lists for $2,995. 
The C325 CDDI DAS and C326_M 
FDDI DAS options are available for $695 
and $1,395. The C1802 Crescendo Man- 
ager for HP is available for $895. All prod- 
ucts will be available on March 15, 1993. 

Other products available from Cre- 


ATTENTION VENDORS 


New product announcements 


should be sent to 


Michelle Pollace, New Products 
Editor, hp-ux/usr, INTEREX, 


P.O. Box 3439, Sunnyvale, 


California 94088-3439, USA. 
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Flexibase Releases for HP-UX 

Proactive Systems has announced a new release 
of FLEXIBASE database administration software. 
FLEXIBASE supersedes Proactive’s FLEX- 
IBASE/3000 database for IMAGE/3000 databas- 
es to provide the same high level of functionality 
for both IMAGE and ALLBASE/ SOL. The lat- 
est release of FLEXIBASE/SQL (Version A.05.01) 
is now available for ALLBASE/SQL on both the 
HP 3000 and the HP 9000 systems. FLEX- 
IBASE/SQL is a DBA tool that uses the latest 
client-server technology and an MS-Windows 
GUI front end. It provides a complete set of func- 
tions, including comprehensive information dis- 
plays, object dependency analysis, and DB 
Environment management utilities. 

The latest release of FLEXIBASE/ IMAGE 
(Version D.01.02) includes a number of impor- 
tant new features: improved diagnostic recom- 
mendations which now take account of the 
operating system version; an interactive transmute 
function which allows the database administrator 
to modify a database outline and include a facili- 
ty to optimize blocking factors automatically 
throughout the database; full support for the lat- 
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est IMAGE features announced with MPE/ix 4.0, 
including E-type data items and third-party in- 
dexing; increased speed of several major functions; 
and new distribution in Spanish, as well as con- 
tinued distribution of English, French, and 
German versions. 

For more information, please contact Proactive 
Systems, Four Main Street, Los Altos, California 
94022, ph: 415/949-9100, foc: 415/949-9111. 


scendo are CDDI/FDDI wiring concen- 
trators, SBus adapters for SUN SPARC- 
stations, Micro Channel adapters for the 
IBM RS6000s and EISA adapters for PCs 
and servers. 

For more information contact Crescendo 
Communications, 710 Lakeway Drive, 
Sunnyvale, California 94086-4058, ph: 
408/732-4400, fx: 408/732-4604. 


DOS/UNIX File Transfer 

Almost any PC connected via serial 
hardware can now transfer files and other 
data between any of the popular UNIX- 
type systems using EmPath, a new com- 
munications software package now 
available from LDS, Inc. 
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With a user-defined hot-key, EmPath 
permits switching from DOS to UNIX 
and back again from the DOS prompt 
without exiting applications running on 
either side. In addition, EmPath enables 
DOS users to connect with two separate 
UNIX-type operating systems and have 
both online simultaneously. Up to eight 
different logical sessions at each of the 
two remote UNIX sources can be ac- 
cessed. EmPath also enables DOS to be 
copied by UNIX or UNIX files to be 
copied by DOS. Using EmPath, a print- 
er attached to a PC can print files direct- 
ly from UNIX. For reference purposes, 
EmPath will also store or print any screen 
image. EmPath requires DOS 3.0 or 


greater, a minimum of 33K of available 
memory, a hard disk drive, and a serial 
port. EmPath permits the use of both 
DOS and UNIX-type operating systems 
without sacrificing either system’s capa- 
bilities. Only one computer is needed for 
both DOS and UNIX functions. 
Additional EmPath features include 
SCO ANSI color console emulation, non- 
resident mode capability, automatic dis- 
tinction between text and binary files, 
buffered, interrupt-driven communica- 
tions, support of line speeds up to 38400 
bps, capture and replay of screen images, 
SCO-defined key remapping, support of 
automatic dialing, external communica- 
tions interface, standard and enhanced 
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keyboard support, MDA, CGA, EGA, 
VGA 80x25 text mode support, attached 
printing utility program, dual session ca- 
pability to independent hosts, up to eight 
alternate screens per session, communi- 
cation with remote hosts and bulletin 
boards, SCO Office Portfolio support, 
and the WordPerfect 5.1 TRS file. 
EmPath is Arnet, Computone, and Equi- 
nox tested. 

For additional information, contact LDS, 
Inc., 10323 West 84th Terrace, Lenexa, 
Kansas 66214, ph: 913/492-5700, fx: 
913/492-3506. 


PowerTools Update 

VXM Technologies has announced that 
new PowerTools software can unexpect- 
edly offer a tremendous productivity boost 
to developers of groupware products. 

Since the product’s announcement, 
VXM has talked with a number of po- 
tential customers and realized that Power 
Tools could be used for developing 
groupware applications. 

Without being repackaged or modified, 
PowerTools is designed to enable devel- 
opers to easily link in the Power Tools li- 
braries to facilitate the execution of 
distributed desktop groupware processes, 
handle reliable and sequenced message 
transmission and reception between desk- 
tops, do broadcasting to multiple desktops, 
handle groupware process synchroniza- 
tion, and facilitate shared memory between 
groupware applications across a TCP/IP 
network. Groupware processes can be ini- 
tiated synchronously or asynchronously 
and can be conditioned to act depending 
upon the initiation or termination of an- 
other desktop groupware process (e.g., a 
calendar application). ‘The ToolTalk sup- 
port (analogous to a heterogeneous net- 
work DDE mechanism) offered by 
Power Tools allows the quick integration 
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and transformation of otherwise stand- 
alone desktop applications into true dis- 
tributed groupware systems. 

Power Tools works on Sun, HP, DEC, 
IBM, and Silicon Graphics UNIX plat- 
forms. 

VXM will make the product available 
for both MS Windows and NT. This new 
PC PowerTools implementation will be 
available in both a ToolTalk support for- 
mat as well as in a special network-enabled 
DDE format. The ToolTalk format will 
allow groupware enabled by PowerTools 
to interoperate across a wide variety of 
heterogeneous UNIX and PC systems. 
The DDE PowerTools format will be 


available only for MS-Windows and NT 
systems. The MS-Windows DDE imple- 
mentation will be available in March of 
1993. The NT DDE implementation will 
ship in the second quarter of 1993. 

Pricing for the MS-Windows and NT 
implementations of PowerTools will be 
announced at the time of the product’s 
release. It is expected that the cost of the 
PC DDE implementation of PowerTools 
will be lower than that of the current 
UNIX version, the company notes. 

For more information, contact VXM 
Technologies, Inc., 30 Gardner Road, Suite 
3G, Brookline, Massachusetts 02146, ph: 
617/730-8490; fac: 617/734-8760. 0 


SoftBench Channel Partner Program 


HP has announced it has established an HP Channel Partner program for Soft 
Bench in the United States. In response to strong market demand, HP has imple- 
mented this new distribution channel to supplement HP’s direct sales force’s efforts 
to make SoftBench environments widely available, particularly on Sun workstations. 

In a related announcement, HP said it has signed an agreement with BASIS 
Inc. to sell $500,000 worth of C++ SoftBench 3.0 and SoftBench 3.0 products 
on Sun SPARCstations and other platforms as they become available. The con- 
tract with BASIS, an Emeryville, California-based open-systems integrator, is 
the first in a series of U.S.-based CASE Channel Partner agreements to sell the 


SoftBench family of products. 


BASIS, along with future SoftBench Channel Partners, will receive SoftBench train- 
ing and support from HP so that it can work directly with customers interested in 
purchasing the SoftBench environments. BASIS also will help customers integrate 


full software-development solutions. 


HP’s SoftBench code development environments are integrated with the de 
facto standard SoftBench framework, a platform that provides common commu- 
nication services and interfaces among all tools in the environment. C++ SoftBench 
3.0 and SoftBench 3.0 comprise an integrated set of tools that address the major- 
ity of tasks that software developers perform when constructing an application. 

BASIS Inc., The Open Systems Integrator, is located in Emeryville, California, 
and is an independent integrator of open-systems computing technology, with ex- 
tensive experience in systems design and consultation. A UNIX system vendor 
since 1981, BASIS delivers distributed computing systems, from workstations to high- 
end servers, for commercial enterprises and public sector organizations. 
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Ow you can add 

workstations to your 

Domain/OS or HP-UX 
environment at only a fraction 
of the list price. 

That's what remanufactur- 
ing is all about. Recent model, 
lower cost equipment that 
runs like new because it has 
been rebuilt. From the ground 
up. TO manufacturer's specifi- 
cations. 

Literally manufactured a 
second time. By Tryonics, 


the people who know how 
to optimize these systems 
for your installation—new or 
existing. 

Tryonics delivers the 
highest quality remanufac- 
tured workstations on the 
market today. Backed with 
technical expertise, full 
90-day warranty and eligible 
for manufacturer's mainte- 
nance contract. 

Before you pay more, call 
1-800 551-6236 
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Workstation Computers and Services 
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Fax (603) 427-6843 Email: info@tryonics.com 170 West Road Suite #15 Portsmouth, NH 03801 
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Reflection: your passport to multivendor connectivity. 
The computing world is changing. a powerful command language to well. It’s the software solution that 

Now, Reflection® and the Reflection automate the most complex tasks. operates without a lot of additional 

Network Series® software extend the Using Reflection with the hardware. 

reach of your desktop computers in Reflection Network Series lets you Reflection and the Reflection 

multivendor environments. work on host and server applications at — Network Series—the connectivity 
Together, Reflection and the the same time. Access is provided to choices for a changing world. 

Reflection Network Series link all your Digital VAX, UNIX, HP, and IBM hosts, 

systems. Reflection provides the user concurrently, along with Novell and Call 1-800-S2NETWORK 

interface, offering the most precise VT —_ other LANs. You can run multiple 

and HP text and graphics terminal protocols simultaneously on a single PC, yas oa 

emulators for DOS, Macintosh, and and switch among them without &Reflection 

MS-Windows. Reflection also delivers rebooting. Because protocols are loaded 


fast file transfer, keyboard mapping, and —_ only as needed, memory is saved as 
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Reflection and Reflection Network Series are registered trademarks of Walker Richer & Quinn, Inc. All other trademarks are the property of their respective holders. 
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